MAL-2026-6257

crud-respect is a dependency confusion proof-of-concept package published to the public npm registry by the account r0binak and self-labeled "Security research PoC - Dependency Confusion Hunter". It was published at the artificially high version 999.99.99, a floating-version bait used to outrank a private-registry package of the same name so that build pipelines preferring the highest available version resolve and install this public package instead. It belongs to the same r0binak dependency-confusion campaign as carousel-controller-mixin (MAL-2026-5856) and setka-editor (MAL-2026-5859). Packages in this campaign declare both preinstall and postinstall hooks that run callback.js on every npm install; the script collects installer identity and environment data (username, uid/gid, hostname, homedir, cwd, platform, Node version, local network interfaces, and the external IP via api.ipify.org) and probes for CI/cloud credential environment variables (AWSACCESSKEYID, GITHUBTOKEN, NPMTOKEN, DOCKERPASSWORD) plus GitHub Actions context. The collected data is exfiltrated to a hardcoded Discord webhook and via a DNS side-channel (base64-encoded host data prepended as a subdomain and resolved with dns.resolve()) to defeat egress HTTP filtering on CI networks. Regardless of the stated research intent, install-time exfiltration of host data and credential-presence flags is harmful to any pipeline that resolves this name.

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (a0a6cb4078e221ef4d76020340517c2ff466e9724950bc189368fd6239170cd9)

package.json declares both preinstall and postinstall hooks that execute node callback.js. On install, callback.js collects the OS username, uid/gid, home directory, hostname, current working directory, local and external IP (via https://api.ipify.org), CI-detection flags, and the entire process.env object without any filtering, then POSTs the JSON payload over plaintext HTTP to a hardcoded endpoint at http://132.243.20.244:8000/api/collect (callback.js line 6). A code comment in Russian explicitly states that all environment variables are sent without masking. The package self-describes as a 'Dependency Confusion Hunter' PoC and is published at version 999.99.99 — the canonical inflated-version pattern used to override legitimately-named internal packages during npm resolution. Any installer (especially CI systems where process.env typically contains NPMTOKEN, GITHUBTOKEN, AWS_* credentials, and other provider secrets) running npm install crud-respect ships its full secret environment to the hardcoded IP. The research-PoC framing does not change the installer-side impact: secrets are exfiltrated on every install.

Source: ghsa-malware (55925f74e1330158cf6c432ae04c02042333e8a042198e49577248771fce6ad2)

Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.