{"id":"MAL-2026-5616","summary":"Malicious code in sysbu (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (c7d7e10321db9abd5e77b0f656d5fac237968ecd79c0ce409b58ee555fb5b236)\nDespite advertising itself as a 'System binary configuration tool', sysbu's index.js unconditionally invokes startApp() on require/CLI execution. If Python is not present, it silently installs Python 3.12 — first via `winget install Python.Python.3.12`, falling back to downloading https://www.python.org/ftp/python/3.12.3/python-3.12.3-amd64.exe to %TEMP% and running it with `/quiet InstallAllUsers=0 PrependPath=1`. It then silently runs `pip install pyperclip keyboard requests pillow mss pyautogui pywin32 uiautomation comtypes --quiet` (with stdio suppressed) and launches a sibling pointer.py. pointer.py creates a hidden topmost transparent Tk overlay, polls `pyperclip.paste()` every 300ms, and on any new clipboard text \u003e5 chars POSTs the full clipboard contents to https://new-pointer.vercel.app/api. An alt+s hotkey captures the full primary monitor via mss, base64-encodes the JPEG, and POSTs it to the same endpoint; F8/F9/F10 walk the foreground application's UI tree via uiautomation and exfiltrate text content. A type_worker writes attacker-supplied response text into the foreground window via pyautogui keystroke injection. ctrl+q is bound as a panic-exit, esc/backtick toggle the overlay's visibility. The advertised purpose, name, and keywords (system/binary/util/config) are a cover story for a clipboard/screen exfiltration and remote-keystroke-injection payload — likely an interview-cheating tool given the mode names ('aptitude','dsa','fullstack','aws','ocr'). Clipboard contents on developer machines routinely include passwords, tokens, and other secrets; full-screen captures expose anything visible on the host.\n","modified":"2026-06-11T08:01:32.716689175Z","published":"2026-06-11T06:49:35Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-005655","source":"amazon-inspector","modified_time":"2026-06-11T06:49:35Z","versions":["1.0.2"],"sha256":"074576d86fa21528b2813cd44725e41b91aa0219c4724669cd5aabb5d12457a0","import_time":"2026-06-11T07:49:37.587887572Z"},{"id":"IN-MAL-2026-005654","source":"amazon-inspector","modified_time":"2026-06-11T06:49:35Z","versions":["1.0.1"],"sha256":"c7d7e10321db9abd5e77b0f656d5fac237968ecd79c0ce409b58ee555fb5b236","import_time":"2026-06-11T07:49:37.497547752Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/sysbu/v/1.0.2"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/sysbu/v/1.0.1"}],"affected":[{"package":{"name":"sysbu","ecosystem":"npm","purl":"pkg:npm/sysbu"},"versions":["1.0.2","1.0.1"],"database_specific":{"cwes":[{"description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506","name":"Embedded Malicious Code"},{"description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506","name":"Embedded Malicious Code"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/sysbu/MAL-2026-5616.json","indicators":{"package_integrity":[{"filename":"sysbu-1.0.2.tgz","hashes":{"sha1":"c3cc1dc780314d78e98ffb3f7b4780c91af84903","sha512_sri":"sha512-1lDbogmqqNggtiq36UuZ7FliKiH40PXsAusTRK+H3C+TcJ16XEfTXZcjmyXARLsWvfihneIRKZHuV3Yf3a0b/Q=="}}],"evidence_files":[{"sha256":"68c4767f15be3ed8563073a099930a4e045e8adcce97f0311334fa5c126f7544","path":"pointer.py","tlsh":"b0e2da05ec0d0896c473de2e5852a863ff1a0b435a1e9e57f8bc99905f743078ae4ef9"},{"sha256":"6044ff1e5d1929c7e31b6e77a4c000ae9400229fbd5733821f88fd2bad8f4cea","path":"index.js","tlsh":"de8150075a95a234ed7247a99b07212be517a073b100e69cbcbe83840f76945c073fee"},{"sha256":"aaba03b3148147407666da4aaa9291b0baf11ecc29643981ac46c4785ef3e747","path":"package.json","tlsh":"72e04f339a615c9344b44aa29a368a19b5728b3f00254c0f30fb501c97a25a245bbb5c"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}