npm · Malicious package advisory
Malwareepic-internal-tools
MAL-2026-6737
Malicious code in epic-internal-tools (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (c8936b0c0d22097170c5eb02c9b183611934e59e7a3c97f94e3a269e13f0d4d5) The package.json preinstall script auto-executes on `npm install` and performs installer-side reconnaissance and credential theft. It collects os.hostname(), username, cwd, platform, node version, npm user-agent, and CI indicators (GITHUB_ACTIONS, JENKINS_URL, TEAMCITY_VERSION, HORDE_AGENT), then enumerates process.env and selects up to 30 variables matching credential-shaped patterns (AWS_, GITHUB_, GH_, NPM_, EPIC_, UE_, HORDE_, P4, CI, BUILD, TOKEN, KEY, SECRET). The collected JSON is POSTed over plain HTTP to a hardcoded bare-IP endpoint at http://109.123.247.172/npm/epic_internal_tools. In parallel, it performs a DNS lookup against <host>-<user>.epic_internal_tools.npm.epic-dc.oast.fun, using an interactsh-style out-of-band collector to smuggle host and user identifiers via DNS as a covert channel that bypasses HTTP egress filtering. The package name `epic-internal-tools`, the sentinel version `99999.0.0`, and the Epic/Unreal/Horde/Perforce env-var targeting are the standard dependency-confusion pattern aimed at Epic Games internal build agents. Installing this package on a developer workstation or CI runner ships CI/cloud/registry credentials and host identity to attacker infrastructure. ## Source: ghsa-malware (cf37416af81dba8f2b8a2d792aa6f190551237d659204e17e2698f69fbb6d1b7) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it. ## Source: ossf-package-analysis (8e96ac07cfb3a5132ff46542a6feca17f9b907b20596d713cd89063840ff2b47) The OpenSSF Package Analysis project identified 'epic-internal-tools' @ 99999.0.0 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity.
Compromised versions (1)
- 99999.0.0
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.