{"id":"MAL-2026-5974","summary":"Malicious code in cryptodao-bot (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (cecefbb2ee777ab552f12fef0eab9af65f0a6c79f8a75a90f3df495a6746ec4a)\nOn `npm install`, the package's `postinstall` hook executes `recon.js`, which harvests installer-side data and POSTs it to attacker-controlled endpoints. Specifically, recon.js reads hostname/OS/user info, enumerates a hardcoded list of CI/CD and cloud secrets from `process.env` (including AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, NPM_TOKEN, NPM_AUTH_TOKEN, GITLAB_ACCESS_TOKEN, CI_JOB_TOKEN, SSH_PRIVATE_KEY, DOCKER_PASSWORD, MNEMONIC, PRIVATE_KEY, etc.), and bulk-reads `.env` / `.env.production` files in the repo as well as `/root/.env` and `/app/.env`, filtering lines matching `KEY|SECRET|TOKEN|PASS|PRIVATE|MNEMONIC`. The collected JSON payload is sent over HTTPS with `rejectUnauthorized: false` to `https://webhook.site/d6d18927-e513-4df7-b019-58bfc64fe0dd` and `https://enqoojbegdvxj.x.pipedream.net/`. The package is published at version `99.99.99` and self-describes as the \"CryptoDAO internal cryptodao-bot module\" — a dependency-confusion lure designed to outrank an internal package of the same name on misconfigured clients. Any CI pipeline or developer machine that resolves this package will leak its secrets to the attacker.\n\n## Source: ossf-package-analysis (a4969627a50559890d4c7c49f0f7bc687bd89f03124afb633030ab3247c1ff5c)\nThe OpenSSF Package Analysis project identified 'cryptodao-bot' @ 99.99.99 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2026-06-17T06:02:02.043766324Z","published":"2026-06-17T03:53:19Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-06-17T05:45:41.386504842Z","source":"amazon-inspector","sha256":"cecefbb2ee777ab552f12fef0eab9af65f0a6c79f8a75a90f3df495a6746ec4a","versions":["99.99.99"],"id":"IN-MAL-2026-006870","modified_time":"2026-06-17T04:04:38Z"},{"sha256":"a4969627a50559890d4c7c49f0f7bc687bd89f03124afb633030ab3247c1ff5c","import_time":"2026-06-17T05:45:39.095738313Z","modified_time":"2026-06-17T03:53:19Z","versions":["99.99.99"],"source":"ossf-package-analysis"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/cryptodao-bot/v/99.99.99"}],"affected":[{"package":{"name":"cryptodao-bot","ecosystem":"npm","purl":"pkg:npm/cryptodao-bot"},"versions":["99.99.99"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/cryptodao-bot/MAL-2026-5974.json","cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"indicators":{"package_integrity":[{"filename":"cryptodao-bot-99.99.99.tgz","hashes":{"sha1":"7f91fe53074f6a2a3d24d515cc075942291c8e4e","sha512_sri":"sha512-zDmQe4tANGX3PrZ2ZmrNBToQLWGU9Bi3WzW/8OdsvwEWEFkt9qY6MStYG46ngkQpO7ClAvXXhUf6TGilonl+jw=="}}],"evidence_files":[{"tlsh":"e481c9f046f1623815622784541f1012917bf297f2a6bbf4b6dc023a0faa96045f6fef","sha256":"3dd1f7827fe311d17f442e0af0fab46f3f1a938bb3409838536795fb1aa0f740","path":"recon.js"},{"tlsh":"7ed0a7342d31bb2b35cd5aa7583194052bb11d9f1100a6040387116841ed1b664ff21d","sha256":"d5871549b2d29367126ce0d2df39d969c788d75157c49af726afd5fdf9e13a7b","path":"package.json"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}