VYPR

npm · Malicious package advisory

Malware

aonote

MAL-2026-4480

Malicious code in aonote (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (df30872a579b6ce2419993ff9bad621f42347097dd43551a26583223e6a98a7b)
package.json declares `"preinstall": "./scripts/postbuild"`, where `scripts/postbuild` is a 976KB UPX-packed Linux x86-64 ELF (sha256 36abd242...) shipped in the tarball with no source, no documentation, and no relation to the package's stated purpose (a JavaScript Arweave/AO note SDK). The binary executes unconditionally on every `npm install` on Linux. Strings inside the binary include kernel/loader paths (`/lib64`, `nux-x86-`), UPX self-tag (`http://upx.sf.net`), eBPF and ptrace symbols (`LIBBPF_0.0`, `_PTRACE`), cryptographic primitives (`RSA_PKCS1_`, `Ed25519`, `MLKEM`), HTTP client strings (`HTTP/1.1`), and host-identity references (`USERPROFILE`, `BY_FAMILY`). Package metadata is hollow (`description: ""`, `author: ""`), consistent with a hijack of a previously-legitimate name or an attacker-published lure. A JS SDK has no legitimate need to execute an opaque packed native binary at install time; the UPX packing additionally hides the payload from static review. Any developer or CI pipeline running `npm install aonote` on Linux executes attacker-controlled native code with the invoking user's privileges.

## Source: google-open-source-security (146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae)
This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a preinstall hook. The payload is a Rust-built infostealer that targets developer environments, scanning for and harvesting credentials related to cloud providers, object storage, databases, source-control, package registries, and AI developer tools. It also targets cryptocurrency wallets, specifically injecting a malicious JavaScript hook into the Exodus desktop wallet to capture passwords and recovery phrases. Furthermore, the malware exhibits worm-like behavior by stealing GitHub and NPM credentials to push malicious updates to the victim's repositories and publish trojanized packages, and it uses an eBPF-based kernel rootkit to hide its processes and network connections on Linux systems.

Compromised versions (1)

  • 0.11.1

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.