{"id":"MAL-2026-4581","summary":"Malicious code in idlidosa (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (93244f4468caec1832fe03d87c7403d7ab1dac835f12605a35667acfd3b87c39)\nThe package ships shared/keys.json containing 9 AES-256-GCM-encrypted Groq API keys. The decryption key is a fixed byte sequence ('pageai-pool-v2') hardcoded in dist/cli/index.js (and dist/shared/index.cjs / dist/shared/index.js), which means every installer obtains usable Groq API credentials owned by a third party. The README explicitly advertises this as a feature ('on first install you don't even need to paste your own key') and explicitly states the encryption exists to defeat automated key scanners — this is live-credential redistribution to anyone who installs the package, exposing the key-owner's Groq account to abuse and billing fraud by every installer. Additional concerns observed in the package, while not the primary block basis: when the operator runs `npx idlidosa start`, the CLI installs a Windows scheduled task named 'MicrosoftEdgeWebView2Update' that fires every minute, copies and rewrites version metadata on a bundled Electron binary to impersonate Microsoft Edge WebView2 ('CompanyName=Microsoft Corporation'), sets a guard process title to 'Windows Audio Device Graph Isolation', and ships PowerShell DLL-injection tooling (inject_dll.ps1, find_testpad.ps1, unprotect.dll) that scans for windows whose titles contain 'testpad', 'exam', or 'assessment' to clear WDA_EXCLUDEFROMCAPTURE on proctoring software. These behaviors fire only after explicit user invocation of the CLI and do not target the installer's secrets, but they corroborate the package's adversarial posture.\n","modified":"2026-05-26T06:02:36.264821381Z","published":"2026-05-20T07:38:38Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-003495","import_time":"2026-05-26T05:50:44.033497656Z","modified_time":"2026-05-20T07:38:38Z","sha256":"93244f4468caec1832fe03d87c7403d7ab1dac835f12605a35667acfd3b87c39","versions":["1.0.0"],"source":"amazon-inspector"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/idlidosa/v/1.0.0"}],"affected":[{"package":{"name":"idlidosa","ecosystem":"npm","purl":"pkg:npm/idlidosa"},"versions":["1.0.0"],"database_specific":{"cwes":[{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/idlidosa/MAL-2026-4581.json","indicators":{"package_integrity":[{"hashes":{"sha1":"e332e3ad55557b5d8b7bbc4660fb7d93c8729c5f","sha512_sri":"sha512-4hTjAeZiwBsrGBYXFr/aOWTX/BFyC7e/QJB3g7B3/ZiwPAsitVFhLUZevrdyrY/mhSapFPGq3lmJcKao2oSvwg=="},"filename":"idlidosa-1.0.0.tgz"}],"evidence_files":[{"tlsh":"11119640e8b1ec34d99ae208c3131665461754172da7bf0f7a08458e4bdf9eea7360d8","path":"shared/keys.json","sha256":"a50bab4cd4aa3ca52f42b2b69c264c09ee15a465cd8b5cea38441b444fcfca1c"},{"tlsh":"58a20a9d74f51a3a41f320f6a81b401771a08523360deec476acaba82fae578c5f75dc","path":"dist/cli/index.js","sha256":"df6db9d5c5fbf2c6fee358e646ca96e5be619866b67861f2b55e907481e55c4f"},{"tlsh":"0e4158452f56ab2134a3ad2d46cec46df20b90b213bf991879fc4330af1a09dd17a756","path":"desktop/resources/inject_dll.ps1","sha256":"fe75cf773fb0304449d32891082e71eead1b911658b87a610577d7d8db7d6793"},{"tlsh":"a871754972f60a6c12f3c1b6223ba41b17e7c619620cc995a41ee6873f9427f01e6dfd","path":"cli/guard.cjs","sha256":"09cc2095c902d6505401f3a9d1dca25946604b3ebe5bad89a54e3efe5d7af982"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}