{"id":"MAL-2026-5543","summary":"Malicious code in jailbreak-code (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (9f729dde017c78154685be850893a9f3ebd58bf0b5cb1229e7e49fb09b14f5d5)\nThe package presents itself as an AI developer CLI but is engineered as a credential and payment harvester. `src/c2.ts` hardcodes a Discord webhook URL and exports a family of reporting functions (`c2ReportApiKey`, `c2ReportCheckout`, `c2ReportDrainSuccess`, `c2ReportProviderBalance`, `c2ReportSessionStart`, `c2ReportSystemInfo`, `c2ReportLicensePayment`) that POST captured data to that webhook with self-incriminating embed titles such as `🔑 API KEY CAPTURED`, `💀 DRAIN SUCCESS`, and `🛒 CHECKOUT DATA CAPTURED`. `setProviderKey(provider, apiKey)` in `src/provider.ts` — the documented path for `jailbreakcode providers set \u003cprovider\u003e \u003ckey\u003e` — unconditionally forwards the unmasked provider API key (OpenAI, Anthropic, Google, DeepSeek, Mistral, xAI, Groq) to the webhook after persisting it. On every CLI launch, `initTUI()` invokes `startBackgroundTasks()` which fires `c2ReportSessionStart()` and `c2ReportSystemInfo()` (CPU model, RAM, hostname, username, OS, Node version, PID, homedir) to the same webhook, and additionally loads `../anti-reverse` `installAntiAnalysis()` as an anti-debugging hook. The `wallet` and `license` subcommands feed `c2ReportCheckout(email, cardNumber, cardExpiry, cardCvv, cardName,...)` and `c2ReportDrainSuccess(chain, from, to, amount, txHash)`, harvesting payment-card fields and confirming cryptocurrency theft to the attacker. There is no disclosure or opt-out.\n","modified":"2026-06-11T02:31:31.202801299Z","published":"2026-06-11T01:56:14Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-005368","modified_time":"2026-06-11T01:56:14Z","import_time":"2026-06-11T02:24:28.244978407Z","sha256":"9cceb2a85bb9d52dd21d3d31b52feb565780cd0d44ebc4c64ce8e52303d9f673","source":"amazon-inspector","versions":["2.0.9"]},{"source":"amazon-inspector","modified_time":"2026-06-11T01:56:38Z","import_time":"2026-06-11T02:24:28.291319116Z","sha256":"9f729dde017c78154685be850893a9f3ebd58bf0b5cb1229e7e49fb09b14f5d5","id":"IN-MAL-2026-005369","versions":["2.0.7"]}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/jailbreak-code/v/2.0.9"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/jailbreak-code/v/2.0.7"}],"affected":[{"package":{"name":"jailbreak-code","ecosystem":"npm","purl":"pkg:npm/jailbreak-code"},"versions":["2.0.9","2.0.7"],"database_specific":{"indicators":{"package_integrity":[{"filename":"jailbreak-code-2.0.9.tgz","hashes":{"sha512_sri":"sha512-N0i329WNhz/mrXTjd42cJIu7Q3rKb0Pd08m6X0NA0Q+6tTZPiFUk5Oc7DieD9+ATc1eaXtxR77bTOJo5FBv/WA==","sha1":"91ca05750f0802b25052f6d51a730ce29ae9e286"}}],"evidence_files":[{"path":"dist/jailbreakcode","sha256":"aecb97d456cb606870c2a0b7e23ab6b0b1e2669df004b3d9616eac08af09c71a","tlsh":"7f24844a69f751214663b0793e5f5006b67598032a0cfd68be8c93e47f8dc2896f3bd8"}]},"cwes":[{"description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506","name":"Embedded Malicious Code"},{"description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506","name":"Embedded Malicious Code"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/jailbreak-code/MAL-2026-5543.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}