VYPR

npm · Malicious package advisory

Malware

twokey

MAL-2026-4697

Malicious code in twokey (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (20c6d8e22fd03dd5ff39bac81bcbffd05db3b2a08dcf9768332094ffcca4eebd)
The package's postinstall hook unconditionally executes `node bin/twokey.js --desktop --enable-autostart`, which performs three install-time actions without prompting the installer: (1) fetches `https://api.github.com/repos/meinzeug/twokey/releases/latest`, downloads the resulting AppImage to `~/.local/share/twokey/bin/twokey-ai.AppImage`, chmods it 0755, and spawns it detached with stdio ignored — the URL is the mutable 'latest' endpoint, not pinned to the npm package version, and no hash or signature verification is performed; (2) writes `~/.config/systemd/user/twokey.service` and runs `systemctl --user daemon-reload && systemctl --user enable twokey.service` so the auto-downloaded AppImage runs on every boot; (3) when invoked via sudo, re-spawns itself as the original user via `sudo -u $SUDO_USER -H node bin/twokey.js --desktop --enable-autostart` with `XDG_RUNTIME_DIR` and `DBUS_SESSION_BUS_ADDRESS` injected, extending the install footprint into the desktop user's session. The destination repo matches the publisher and the binary is consistent with the package's stated Tauri-desktop purpose, but the combination of mutable-URL fetch + no integrity check + silent execution + persistence install means the installer receives, executes, and persistently autostarts whatever bytes the `releases/latest` pointer resolves to at install time — fully decoupled from the npm version they thought they vetted.

Compromised versions (5)

  • 1.0.11
  • 1.0.8
  • 1.0.5
  • 1.0.10
  • 1.0.7

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.