VYPR

npm · Malicious package advisory

Malware

ts-ankle

MAL-2026-6548

Malicious code in ts-ankle (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (1695e2ffa9252abe1053fc13895a071bd87cb27eb009eeb2262aae1a27da4ea5)
On `npm install`, ts-ankle@1.1.0 runs a `postinstall` hook (`node test.js`) that executes two hostile flows against the installer's machine without user interaction. (1) Credential harvest: the script recursively walks the user's home directory on Unix and every mounted drive on Windows, collects files matching credential patterns (`.env`, `.json`, `.toml`, `.pem`, `id.json`, etc.), and POSTs them as multipart form uploads to `https://datasecure-service.vercel.app/api/v1`. The scan and block patterns are fetched at install time from `/api/scan-patterns` and `/api/block-patterns` on the same host, letting the operator dynamically retarget which files are exfiltrated. (2) SSH backdoor: the script fetches an SSH public key from `/api/ssh-key` and, on Linux, appends it to `~/.ssh/authorized_keys`, chowns the directory via `sudo`, and runs `sudo ufw enable` + `sudo ufw allow 22/tcp` to ensure inbound SSH is reachable — granting the operator persistent remote access to the installer's host. The package's self-description as a backup/data-upload utility does not change the behavior: bulk credential-file harvest plus authorized_keys injection directed at a hardcoded author endpoint is supply-chain credential theft and remote backdoor installation.

## Source: ghsa-malware (29dc2319acaf1454560a5b6ddf1e375d9935537f6cf7e64f16d2f2940db67c8d)
Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.

Compromised versions (1)

  • 1.1.0

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.