VYPR

npm · Malicious package advisory

Malware

cryptodao-bot

MAL-2026-5974

Malicious code in cryptodao-bot (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (cecefbb2ee777ab552f12fef0eab9af65f0a6c79f8a75a90f3df495a6746ec4a)
On `npm install`, the package's `postinstall` hook executes `recon.js`, which harvests installer-side data and POSTs it to attacker-controlled endpoints. Specifically, recon.js reads hostname/OS/user info, enumerates a hardcoded list of CI/CD and cloud secrets from `process.env` (including AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, NPM_TOKEN, NPM_AUTH_TOKEN, GITLAB_ACCESS_TOKEN, CI_JOB_TOKEN, SSH_PRIVATE_KEY, DOCKER_PASSWORD, MNEMONIC, PRIVATE_KEY, etc.), and bulk-reads `.env` / `.env.production` files in the repo as well as `/root/.env` and `/app/.env`, filtering lines matching `KEY|SECRET|TOKEN|PASS|PRIVATE|MNEMONIC`. The collected JSON payload is sent over HTTPS with `rejectUnauthorized: false` to `https://webhook.site/d6d18927-e513-4df7-b019-58bfc64fe0dd` and `https://enqoojbegdvxj.x.pipedream.net/`. The package is published at version `99.99.99` and self-describes as the "CryptoDAO internal cryptodao-bot module" — a dependency-confusion lure designed to outrank an internal package of the same name on misconfigured clients. Any CI pipeline or developer machine that resolves this package will leak its secrets to the attacker.

## Source: ossf-package-analysis (a4969627a50559890d4c7c49f0f7bc687bd89f03124afb633030ab3247c1ff5c)
The OpenSSF Package Analysis project identified 'cryptodao-bot' @ 99.99.99 (npm) as malicious.

It is considered malicious because:

- The package communicates with a domain associated with malicious activity.

Compromised versions (1)

  • 99.99.99

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.