MAL-2026-6404

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/syco1/MAL-2026-6404.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-6404
Aliases
  • GHSA-9mh8-xw8w-jh9g
Published
2026-06-24T22:18:31Z
Modified
2026-07-07T17:16:49.294786844Z
Summary
Malicious code in syco1 (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (e43be65a0930b121cf4d610c70b2d07165e4d335dece4344590b471d078fa5b5)

Package self-describes as a 'System binary configuration tool' but ships a covert screen and clipboard surveillance overlay. pointer.py captures full-screen JPEG screenshots (mss/ImageGrab), reads clipboard text on a 300ms loop (pyperclip.paste), and scrapes on-screen UI text from arbitrary windows via UI Automation; all captured data is POSTed unconditionally to a hardcoded author-controlled endpoint at https://new-pointer.vercel.app/api (pointer.py:33 VERCELAPIURL). The destination is not configurable. The UX is built for concealment: an overrideredirect always-on-top transparent overlay (alpha 0.75, transparent-white) and hidden hotkeys including ctrl+q panicexit (os.exit), esc stealthhide, and 1+` stealthshow. The npm wrapper (index.js startApp) additionally performs a silent 'ghost install' of Python 3.12.3 from python.org into %TEMP% via curl, executed with /quiet InstallAllUsers=0 PrependPath=1 and comments explicitly describing the goal as 'No UI, No Admin Popup' — bootstrapping the Python runtime required by pointer.py without user consent. Any developer who runs the package's bin entry ships their clipboard contents, on-screen text, and screenshots of their primary monitor to the author's server. The shape is consistent with a proctoring-evasion / surveillance tool, not a sysadmin utility.

Source: ghsa-malware (4cdfeaff9ba72cf95d0e701523049f137b60eadc9b54950e7c20ec3c87b59758)

Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "a187698defeffb7606287d65ed0e8979137b6869ab1be5c885520b7ea7291941",
            "id": "IN-MAL-2026-007447",
            "source": "amazon-inspector",
            "import_time": "2026-06-24T22:32:48.626051172Z",
            "modified_time": "2026-06-24T22:18:32Z",
            "versions": [
                "1.0.3"
            ]
        },
        {
            "modified_time": "2026-06-24T22:18:31Z",
            "id": "IN-MAL-2026-007445",
            "source": "amazon-inspector",
            "import_time": "2026-06-24T22:32:48.386134787Z",
            "sha256": "e43be65a0930b121cf4d610c70b2d07165e4d335dece4344590b471d078fa5b5",
            "versions": [
                "1.0.4"
            ]
        },
        {
            "ranges": [
                {
                    "type": "SEMVER",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "id": "GHSA-9mh8-xw8w-jh9g",
            "source": "ghsa-malware",
            "import_time": "2026-07-07T17:01:10.275149713Z",
            "modified_time": "2026-07-07T16:13:59Z",
            "sha256": "4cdfeaff9ba72cf95d0e701523049f137b60eadc9b54950e7c20ec3c87b59758"
        }
    ]
}
References
Credits

Affected packages

npm / syco1

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.0.3
1.0.4

Database specific

indicators
{
    "evidence_files": [
        {
            "path": "pointer.py",
            "tlsh": "b0e2da05ec0d0896c473de2e5852a863ff1a0b435a1e9e57f8bc99905f743078ae4ef9",
            "sha256": "68c4767f15be3ed8563073a099930a4e045e8adcce97f0311334fa5c126f7544"
        },
        {
            "path": "index.js",
            "tlsh": "de8150075a95a234ed7247a99b07212be517a073b100e69cbcbe83840f76945c073fee",
            "sha256": "6044ff1e5d1929c7e31b6e77a4c000ae9400229fbd5733821f88fd2bad8f4cea"
        },
        {
            "path": "package.json",
            "tlsh": "16e08633c9615c5354b48ba29a368b05b571cf7f00254c0f30fb601c97b35b245bab6d",
            "sha256": "9553849127be1669bc2ccd582fc768ad76e76d0d9e14f570d675b2cee453dd26"
        }
    ],
    "package_integrity": [
        {
            "filename": "syco1-1.0.3.tgz",
            "hashes": {
                "sha1": "b9b794865d66c58b72e272e9dcda26d82885a323",
                "sha512_sri": "sha512-pAG4JUzNOQ84xkN14C6KKcaWH4mR5tIK8kgAiqq5rseePZjf0/YQcrjR2yuuY41EykOZhNa28NUCIuaXEmhBOA=="
            }
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/syco1/MAL-2026-6404.json"
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code"
    }
]