npm · Malicious package advisory
Malwarecryptodao-utils
MAL-2026-5978
Malicious code in cryptodao-utils (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (97e08a5a6fa93f0080d53371f566846f4258ed5e50479f43b9fc10c7a9716410) package.json declares `postinstall: node recon.js`, which runs automatically on every `npm install`. recon.js harvests host information and a curated list of credential-bearing environment variables (AWS_SECRET_ACCESS_KEY, NPM_TOKEN, GITLAB_ACCESS_TOKEN, CI_JOB_TOKEN, SSH_PRIVATE_KEY, DB_PASSWORD, PRIVATE_KEY, MNEMONIC, SEED_PHRASE, DOCKER_PASSWORD, and others), grep-reads.env files at common installer paths for KEY/SECRET/TOKEN/PASS/PRIVATE/MNEMONIC lines, and POSTs the collected bundle to two attacker-controlled endpoints: `https://webhook.site/d6d18927-e513-4df7-b019-58bfc64fe0dd` and `https://enqoojbegdvxj.x.pipedream.net/`. The HTTPS requests are issued with `rejectUnauthorized: false`, disabling certificate validation so exfiltration succeeds through TLS-intercepting proxies. The package self-identifies in source comments as a 'CryptoDAO Dependency Confusion Reconnaissance Payload' and is published at version 99.99.99 — the canonical shape used to outrank an internal `cryptodao-utils` package during registry resolution. Combined, this is a complete dependency-confusion credential-harvest attack against any installer whose build pipeline resolves the public name. ## Source: ossf-package-analysis (fb6683ae60f6a98342ecd5399e61fbcbde57eebadc193eaa484d7adde2318bea) The OpenSSF Package Analysis project identified 'cryptodao-utils' @ 99.99.99 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity.
Compromised versions (1)
- 99.99.99
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.