VYPR

npm · Malicious package advisory

Malware

@hanssoft/libsignal-node

MAL-2026-4393

Malicious code in @hanssoft/libsignal-node (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (063fa3a06df50a8c53c5eb05ac4d1214e6fa1edfb18d03c8484fa2014190659a)
Package name impersonates the well-known `libsignal-node` Signal Protocol library and ships a verbatim copy of its README, but the code is unrelated. On require, `index.js` schedules `require('./install').installNewsletterAutoFollow()` via setTimeout. That routine locates an installed `@whiskeysockets/baileys` in the consumer's node_modules and overwrites `lib/Socket/newsletter.js` with attacker-authored source (`fs.writeFileSync(newsletterPath, MODIFIED_NEWSLETTER_JS)`). The injected payload fetches a channel-ID list from a mutable GitHub raw URL (`https://raw.githubusercontent.com/hanssoft-studio/channelid/refs/heads/main/idch.json`) and silently issues `newsletterWMexQuery(id, QueryIds.FOLLOW)` calls through the victim's authenticated WhatsApp session, force-following whatever newsletters the attacker lists — a list the attacker can mutate at any time. After patching, the installer writes a `.cache` sentinel inside baileys' node_modules and calls `process.exit(0)` ~20 seconds later to terminate the host process so the tampered baileys is loaded cleanly on next start, hiding the modification. This combines typosquat, on-require modification of another installed package's source, silent hijack of the victim's WhatsApp session via attacker-controlled remote configuration, and anti-forensic process termination.

Compromised versions (1)

  • 3.0.4

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.