npm · Malicious package advisory
Malware@gleamkit/ws
MAL-2026-10402
Malicious code in @gleamkit/ws (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (8fc9213fe9e786988b3fd882b571f03aeaa1487b8006badb837b4e804da66eee) The package publishes under scope `@gleamkit/ws` while copying the `ws` package's description, homepage, repository, author, and README verbatim, and bundling the legitimate `ws` source so it appears functional. Appended to `lib/websocket.js` after the copied WebSocket implementation is a heavily obfuscated payload (base64+RC4 string decoder over a ~700-entry rotated string array, hex-named identifiers, duplicated as two sequential IIFEs) that reconstructs hostnames, paths, environment keys, and spawn arguments at runtime. On every load — `index.js` (main) and `wrapper.mjs` both pull in `./lib/websocket` — the payload issues an HTTPS request to fetch an external binary, AES-256-GCM decrypts it, writes it under `os.tmpdir()`, chmods it to 0o755, and spawns it as a detached, `unref()`ed child process with `windowsHide:true`, then calls `process.exit`. A marker env variable gate (`process.env[d]!== e`) is used to avoid re-entry. Because require/import is the trigger, any project that installs and loads `@gleamkit/ws` executes attacker-controlled bytes fetched from a remote host at load time.
Compromised versions (1)
- 8.21.3
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.