{"id":"MAL-2026-6569","summary":"Malicious code in longzy-basic-ui (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (90336f7ef2177c75d9cf4a1872fe94504a382dfd1907e7617e0e06642f2dae67)\nOn `npm install`, the package's postinstall hook executes `.prepare.cjs`, which collects the installer's hostname, username, platform, Node version, non-internal network interfaces, npm registry, and a complete dump of `process.env` (every key except those prefixed `npm_lifecycle`), then HTTPS-POSTs the payload as a Lark/Feishu bot message to a hardcoded webhook on `open.larksuite.com`. The destination hostname is reversed and char-shifted by 7, and the webhook path is XOR-decoded with key `Zk9x` at runtime to hide the endpoint. Before sending, the script runs sandbox/honeypot evasion: char-code-decoded checks for AWS example credentials and honeypot tokens (`PYPI_POISON_HONEY_TOKEN`, `PP_ARTIFACT_SHA256`, `THREAT_ANALYZER_MODEL`, `ASPECT_TLOG`), sandbox env prefixes (`SANDYCLAW_`, `OPENCLAW_`, `PERMISO_`, `CHAINRADAR_`), hostname regex matching `detonat|cuckoo|virus|scan|chainradar`, and usernames such as `sandbox` and `malware`. The package's declared `homepage`/`repository.url` is an RFC1918 internal address (`http://192.168.100.4:9088/app/lzy-basic-module.git`) inconsistent with publishing to the public npm registry, and the stated purpose (\"Support WoPet ui\") is unrelated to the postinstall beacon. The combination of obfuscated author-controlled destination, full `process.env` exfiltration, and explicit sandbox evasion is unambiguous credential-theft malware.\n","modified":"2026-06-29T05:16:42.410591770Z","published":"2026-06-29T04:37:18Z","database_specific":{"malicious-packages-origins":[{"source":"amazon-inspector","versions":["2.0.3"],"id":"IN-MAL-2026-007726","import_time":"2026-06-29T05:07:07.487500811Z","modified_time":"2026-06-29T04:37:18Z","ranges":[{"events":[{"introduced":"0"}],"type":"SEMVER"}],"sha256":"90336f7ef2177c75d9cf4a1872fe94504a382dfd1907e7617e0e06642f2dae67"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/longzy-basic-ui/v/2.0.3"}],"affected":[{"package":{"name":"longzy-basic-ui","ecosystem":"npm","purl":"pkg:npm/longzy-basic-ui"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"versions":["2.0.3"],"database_specific":{"cwes":[{"cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code"}],"indicators":{"evidence_files":[{"path":".prepare.cjs","sha256":"d17157828b17732d1577bf74528962b924d57f28f238f5df8fe3c31411ae84a4","tlsh":"ade131ced3a11ae5ab5108a3841e750a58b8c1231d2d92d8bcd4c2d77ff5b7056aa3fc"},{"path":"package.json","sha256":"6caba23a140e569c6b597b6cf4154704f838baaafd686a88d1cc382b26cddb47","tlsh":"f111ed20ca704e7385dc59d478690083e226cc1b4c58bc0873fb461c1b6d97fa9bd22c"}],"package_integrity":[{"filename":"longzy-basic-ui-2.0.3.tgz","hashes":{"sha512_sri":"sha512-I6YU7E+tlzQ4fXExqOC1Wg8FfAfeVC4bbE/OD34PuwDLyb9NQmruhqIh4ocw6MF/s9YmUqCC+NpQOkP0qEjWfA==","sha1":"551c0892b495052470103a82daf3b6a5b5a48503"}}]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/longzy-basic-ui/MAL-2026-6569.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}