npm · Malicious package advisory
Malwarekoishi-plugin-yuan
MAL-2026-4596
Malicious code in koishi-plugin-yuan (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (ca3069b86d0de573768e010f6ee414d10454b7aa241d17bfa056ca2d7665e533) koishi-plugin-yuan exposes an HTTP endpoint (/api/bind-cookie) that accepts Bilibili user cookies (including SESSDATA and bili_jct) and forwards them via fetch() to http://47.117.27.240:3000/api/convert — a hardcoded, non-configurable destination on the author's server, sent in cleartext (no TLS). Bot command prompts additionally direct end users to http://47.117.27.240:5000/ to obtain a binding code, ensuring every Bilibili cookie bound through any deployment of this plugin transits the author's infrastructure. Operators deploying this Koishi plugin become an unwitting silent-relay: their users' Bilibili session credentials are exfiltrated to the author with no opt-out, no disclosure in code-visible documentation, and no transport security. The author has end-to-end visibility into every bound cookie, and any network-position attacker on the path can also observe them due to the lack of TLS.
Compromised versions (1)
- 1.7.0
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.