npm · Malicious package advisory
Malwarepipo-sdk
MAL-2026-7000
Malicious code in pipo-sdk (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (259159c0505b819905dcaf53172d98a4fd590a9ae1a40f87d2be4c1a7fdc4065) This package is a dependency-confusion payload published at an abnormally high version (9999.0.0) targeting an internal package name (`pipo-sdk`). The `preinstall` lifecycle hook runs `node callback.js || true`, which collects host identity — hostname, username, platform, and current working directory — via `os.hostname()`, `os.userInfo()`, and `os.platform()`, and transmits that data to `pbnuwvwzmktaetcsjyyjlhncsf843r5a5.oast.fun` by two channels: (a) a DNS resolution of a subdomain encoding the collected fields under the OAST domain, and (b) an HTTPS POST of a JSON body containing the same fields. Any host that runs `npm install` — for example, an internal build system whose resolver picks the public 9999.0.0 over a legitimate internal version — will silently beacon its identity to the third-party OAST endpoint. The bug-bounty / research framing in the package metadata does not change the installer-side behavior: unsolicited host-identity exfiltration fires on install regardless of consent, and the resolver-hijack version pin ensures the payload is preferred over legitimate internal artifacts.
Compromised versions (1)
- 9999.0.0
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.