MAL-2026-6275

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@ts-apis/ts-utils/MAL-2026-6275.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2026-6275

Published

2026-06-23T03:01:33Z

Modified

2026-06-23T03:31:20.746081578Z

Summary

Malicious code in @ts-apis/ts-utils (npm)

Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (eccf08a9ba188be941f42f0b088d51fc5b1e84802fe9bd1d1218a6b71a6e2c11)

The published tarball's dist/index.js contains an obfuscated payload that runs at require() time inside a setTimeout-wrapped IIFE, completely unrelated to the package's advertised TypeScript utility API (logger/middleware/getDb/createRedisClient). After a 500-2500ms jitter, it harvests installer-side credentials from ~/.ssh/ (idrsa, ided25519, idecdsa, config, authorizedkeys), ~/.aws/credentials and ~/.aws/config, ~/.kube/config, ~/.npmrc, ~/.netrc, ~/.docker/config.json, ~/.git-credentials, gcloud applicationdefaultcredentials.json, ~/.config/gh/hosts.yml, terraform/Azure/Vault/Railway/Solana credential files,.env files in cwd and parent directories, and on Linux /run/secrets/* plus the Kubernetes service-account token. It also queries cloud-instance metadata services to steal short-lived credentials: AWS EC2 IMDSv2 at 169.254.169.254 (PUT token then GET iam/security-credentials/), GCP metadata.google.internal with Metadata-Flavor: Google, and the ECS container credentials endpoint via $AWSCONTAINERCREDENTIALSRELATIVEURI. Collected secrets, environment variables, hostname, userInfo, cwd, git config/remotes, /etc/hosts, process listings, and /proc/1/environ are JSON-stringified, base64-encoded, chunked to 30KB, and POSTed over HTTPS to https://safdadfasf.com/cb/loopscale/exfil. A second component opens a persistent C2 channel: every 10 seconds it GETs https://safdadfasf.com/cb/loopscale/h?id=<hostname-timestamp>; responses of the form {c:'SLIVER...'} download a binary, chmod it to 755, and exec it (Sliver-style implant staging), while any other command is passed to execSync with output returned to the C2. All sensitive strings (hostnames, paths, shell commands such as 'powershell Get-ChildItem env:', 'cmdkey /list', 'find / -name.env') are encoded as String.fromCharCode arrays and reconstructed at runtime to evade static analysis. The src/ directory contains only legitimate TypeScript helpers; the payload is present solely in the published dist/index.js, indicating a deliberately backdoored build.

Database specific

{
    "malicious-packages-origins": [
        {
            "id": "IN-MAL-2026-007194",
            "versions": [
                "1.0.0"
            ],
            "import_time": "2026-06-23T03:13:43.941738174Z",
            "modified_time": "2026-06-23T03:01:39Z",
            "sha256": "12056b67bfeda9328838ff8458d4f38ffc1b65ccd71164498ffeb1d4e307afa5",
            "source": "amazon-inspector"
        },
        {
            "sha256": "af14b02cb4671aa93acc751aceafb4d2f80330e23ad1220d3b9ad08097d23baf",
            "versions": [
                "1.0.7"
            ],
            "source": "amazon-inspector",
            "modified_time": "2026-06-23T03:01:40Z",
            "import_time": "2026-06-23T03:13:44.045490647Z",
            "id": "IN-MAL-2026-007195"
        },
        {
            "id": "IN-MAL-2026-007191",
            "versions": [
                "1.0.9"
            ],
            "import_time": "2026-06-23T03:13:43.640654297Z",
            "modified_time": "2026-06-23T03:01:37Z",
            "sha256": "d0642d2d0f9a777b980c086bfa15770de968767705ec917ac362bad75e903ade",
            "source": "amazon-inspector"
        },
        {
            "sha256": "eccf08a9ba188be941f42f0b088d51fc5b1e84802fe9bd1d1218a6b71a6e2c11",
            "versions": [
                "1.0.8"
            ],
            "source": "amazon-inspector",
            "modified_time": "2026-06-23T03:01:38Z",
            "import_time": "2026-06-23T03:13:43.751097354Z",
            "id": "IN-MAL-2026-007192"
        },
        {
            "sha256": "f6adbe3a98ab8ddfafb044c7faa99be609d037118b8c4302e2f726355b01a1e4",
            "import_time": "2026-06-23T03:13:43.861513053Z",
            "source": "amazon-inspector",
            "modified_time": "2026-06-23T03:01:38Z",
            "versions": [
                "1.0.5"
            ],
            "id": "IN-MAL-2026-007193"
        },
        {
            "id": "IN-MAL-2026-007190",
            "versions": [
                "1.0.4"
            ],
            "import_time": "2026-06-23T03:13:43.492925334Z",
            "modified_time": "2026-06-23T03:01:33Z",
            "sha256": "320b872273b2bc090f1633daf383736245010762235236e7be71bf30d2f7a673",
            "source": "amazon-inspector"
        },
        {
            "sha256": "8c4213763da3ab47fc9efd6df9dded22239064decceac5ad6381c27537901fec",
            "versions": [
                "1.0.6"
            ],
            "source": "amazon-inspector",
            "modified_time": "2026-06-23T03:01:41Z",
            "id": "IN-MAL-2026-007196",
            "import_time": "2026-06-23T03:13:44.150712134Z"
        }
    ]
}

References

Credits

- Amazon Inspector - FINDER
- - inspector-research@amazon.com

Affected packages

npm / @ts-apis/ts-utils

Package

Name: @ts-apis/ts-utils; View open source insights on deps.dev
Purl: pkg:npm/%40ts-apis%2Fts-utils

Affected ranges

Affected versions

1.*

1.0.0

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

Database specific

indicators

{
    "package_integrity": [
        {
            "filename": "ts-utils-1.0.0.tgz",
            "hashes": {
                "sha512_sri": "sha512-nbt9WY751IorGzY2RVXgtTrpthH0KAu01/sGptV5qETWROJk2vUfcPWYdt/55P8J6mN4/wgKsQzYO3qd364v6A==",
                "sha1": "421b1b01c4126fbb6adb65220364fc20bcdd332f"
            }
        }
    ],
    "evidence_files": [
        {
            "sha256": "3d1c30d7f6e4d92d812e725a4ceae4dbb8d68c9310ca34690abc430dfc453a60",
            "tlsh": "f052a73a33fa6521b11be04fe7474001b9b2f5033665d8a4b68c73985fdd464d6a2ef4",
            "path": "dist/index.js"
        }
    ]
}

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@ts-apis/ts-utils/MAL-2026-6275.json"

cwes

[
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    }
]