npm · Malicious package advisory
Malwarecheckout-signer
MAL-2026-5436
Malicious code in checkout-signer (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (f6add4dfcaaf79ce107ac8026032b47540def183a121be2266891644c90f10c8) Package replicates the API surface of an internal Exodus package (`generateMnemonicSigningKeys`, `signDirectPaymentMultiChain`, `signCapture`, `signRefund`, `signCharge`, `signCancelSubscription` exported from `src/index.js`), where each export throws an error rather than implementing the real signing logic. On `npm install`, `src/canary.js` (line 6) performs a DNS lookup and HTTPS GET to a hardcoded serveo.net tunnel host (`https://96e03fa6c292469a-172-245-86-254.serveousercontent.com/canary-install`), sending the package name and version. Any organization that pulls this from the public registry believing it to be the internal Exodus dependency reveals their install (org / CI host identification via DNS + HTTPS source) to the operator of the tunnel. README claims the package performs only a DNS lookup with no data transmission, contradicting the actual HTTPS GET with query parameters. The beacon destination is a mutable serveo tunnel pointing at a residential-style IP (172.245.86.254), which is operator-controllable infrastructure rather than a stable vendor endpoint. Regardless of any stated 'authorized research' framing, the structure — divergent-API namespace-abuse shape plus an unconsented install-time beacon to a tunneling host — is the live dependency-confusion attack pattern.
Compromised versions (1)
- 99.0.0-canary.1
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.