{"id":"MAL-2026-5980","summary":"Malicious code in gpu-accelerator (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (ab0d6b253674f5eef505fbffb76003d2071569fd9d8abdf8993197738bb27759)\nThe package advertises itself as a PostCSS plugin for CSS hardware-acceleration hints, but its only legitimate behavior is a 3-line walkDecls that adds `will-change: transform`. When the plugin factory in lib/index.js is invoked (which happens automatically when a developer wires the plugin into their PostCSS pipeline), it reads assets/driver-shim.bin (a 55,928-byte comma-separated integer list), XOR-decodes every byte with 0xA5 to recover ~56 KB of JavaScript source, and executes that source via `vm.Script(...).runInContext(...)` with `require`, `process`, `console`, and `Buffer` exposed in the context — granting the decoded code full Node privileges including filesystem and network access. Decoding confirms the bytes are JavaScript source (recurring `function` and `require` tokens, quoted module names). Before decoding, lib/index.js:18-21 checks `process.env.CI || process.env.CONTINUOUS_INTEGRATION` and `!process.stdout.isTTY` and returns early in those cases — a deliberate sandbox-evasion gate that keeps the payload dormant on CI runners and automated scanners while firing on interactive developer workstations. The combination of (a) a cover-story package whose advertised purpose is unrelated to its actual code, (b) an XOR-obfuscated executable blob shipped as a .bin asset, (c) vm.Script execution of that blob with full Node capabilities, and (d) a CI/headless evasion gate is the canonical supply-chain attack fingerprint.\n","modified":"2026-06-17T06:02:03.304590708Z","published":"2026-06-17T04:26:18Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-006890","import_time":"2026-06-17T05:45:42.620767696Z","source":"amazon-inspector","versions":["1.4.4"],"modified_time":"2026-06-17T04:26:28Z","sha256":"66902224a57ea11ec1dfb7f05ba35202d6ab70c39d101d35b68dbe5e2b3e2f5f"},{"sha256":"86fe9c9369454bfb2bba18da9d8b21dee61004bd897a8cf62c0d1661bc5a2e2f","import_time":"2026-06-17T05:45:42.328507803Z","source":"amazon-inspector","versions":["1.4.6"],"modified_time":"2026-06-17T04:26:18Z","id":"IN-MAL-2026-006886"},{"id":"IN-MAL-2026-006888","import_time":"2026-06-17T05:45:42.514692376Z","source":"amazon-inspector","versions":["1.4.2"],"modified_time":"2026-06-17T04:26:23Z","sha256":"9c838fde05746cf2beec757a3c2b29e9736abdca2665e639a5ae5e5870ce269d"},{"id":"IN-MAL-2026-006887","import_time":"2026-06-17T05:45:42.444485259Z","modified_time":"2026-06-17T04:26:22Z","versions":["1.4.7"],"source":"amazon-inspector","sha256":"ab0d6b253674f5eef505fbffb76003d2071569fd9d8abdf8993197738bb27759"},{"sha256":"cdf785e83cbfda56c6dd7bf4bfe31861d94a60757517f009215101e85b7de0c4","import_time":"2026-06-17T05:45:42.579522449Z","modified_time":"2026-06-17T04:26:23Z","versions":["1.4.5"],"source":"amazon-inspector","id":"IN-MAL-2026-006889"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/gpu-accelerator/v/1.4.4"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/gpu-accelerator/v/1.4.6"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/gpu-accelerator/v/1.4.2"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/gpu-accelerator/v/1.4.7"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/gpu-accelerator/v/1.4.5"}],"affected":[{"package":{"name":"gpu-accelerator","ecosystem":"npm","purl":"pkg:npm/gpu-accelerator"},"versions":["1.4.4","1.4.6","1.4.2","1.4.7","1.4.5"],"database_specific":{"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"},{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"},{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"},{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"},{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/gpu-accelerator/MAL-2026-5980.json","indicators":{"evidence_files":[{"sha256":"d0cb1d7fc7655a0d06d668210b0cf15fe78a9937cd789ed68494e3e4c079cd01","path":"lib/index.js","tlsh":"522111855bfaa040135764e9a13b440275aec4533006c9e4faec82e55fc7a78cbd3eec"}],"package_integrity":[{"filename":"gpu-accelerator-1.4.4.tgz","hashes":{"sha512_sri":"sha512-FoCQuqBxhbsNDqm4cbeIDTvbSuG15xzhxxTvMlXwzYL0k0iT6fBDttOeVsKJcvdj3xQbPOZinBP+vjFWBcnaqA==","sha1":"2c80b9e994face45d955b9e593aa99d1c568bf97"}}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}