VYPR

npm · Malicious package advisory

Malware

@zimmo/last_search

MAL-2026-5328

Malicious code in @zimmo/last_search (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (dbddb0ebcd12d13ef5eb1f2cb4e0e41f49b00808e4d23a15b5c22b7ecb23da4d)
The package's preinstall hook runs index.js on every `npm install`. The script collects host identity data — `os.hostname()`, `os.userInfo().username`, `__dirname`, `process.cwd()`, and the package name — and ships it two ways: (1) hex-encoded into a DNS subdomain resolved against `*.d8jbmnsqcfu78dfs8vdg34ohqhirb4pbg.oast.live` (an interactsh out-of-band canary), and (2) POSTed as JSON to the hardcoded bare IP `http://172.201.213.59:9090/c`. The package has no legitimate functionality — index.js is an exfiltration-only payload. The inflated `99.0.0` version under the `@zimmo` scope, combined with the `"security research"` description and recon-only payload, is the canonical dependency-confusion shape: if a build pipeline at Zimmo (or a misconfigured installer) resolves the `@zimmo/last_search` name from the public npm registry instead of an internal one, the attacker receives internal hostnames, usernames, and install paths as reconnaissance for a follow-on attack.

## Source: ossf-package-analysis (daa94c8fc8cb74e07464808cfbe936d15c1f9814981aaa7c41264d6246edfae4)
The OpenSSF Package Analysis project identified '@zimmo/last_search' @ 99.0.1 (npm) as malicious.

It is considered malicious because:

- The package communicates with a domain associated with malicious activity.

Compromised versions (2)

  • 99.0.1
  • 99.0.0

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.