{"id":"MAL-2026-6591","summary":"Malicious code in ledgerflow-deploy-utils (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (5f0097d19be676ac30ff79dffcff38f128873c80115a8a150c3eceff0422aa93)\nOn npm install, the package's postinstall script queries the AWS instance metadata service (IMDSv1) at 169.254.169.254 for the attached IAM role and POSTs the result, along with an IMDS-reachability probe, over plain HTTP to a hardcoded bare IP (54.226.194.239:80/chain3). The published library surface (index.js) only exports two no-op console.log stubs named validate/deploy, with no real functionality — the entire effective behavior is the install-time reconnaissance against AWS-hosted installers and CI runners. The combination of a placeholder API, a generic deployment-utility name suggesting an internal/private package, and install-time recon to a hardcoded bare-IP C2 matches the dependency-confusion / internal-name-squat pattern targeting corporate build systems, where exposed IAM role names enable follow-on credential abuse against the installer's cloud environment.\n","modified":"2026-06-29T09:16:40.716801985Z","published":"2026-06-29T07:09:41Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-007771","ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"sha256":"5f0097d19be676ac30ff79dffcff38f128873c80115a8a150c3eceff0422aa93","modified_time":"2026-06-29T07:09:41Z","source":"amazon-inspector","versions":["1.0.1"],"import_time":"2026-06-29T09:10:16.293553336Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/ledgerflow-deploy-utils/v/1.0.1"}],"affected":[{"package":{"name":"ledgerflow-deploy-utils","ecosystem":"npm","purl":"pkg:npm/ledgerflow-deploy-utils"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"versions":["1.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ledgerflow-deploy-utils/MAL-2026-6591.json","cwes":[{"cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code"}],"indicators":{"evidence_files":[{"sha256":"3a8a53135dc01cb00b57a53e0a486396720a5cb67718ceb56d52e287f251d52f","path":"postinstall.js","tlsh":"2d011ee8b2f161360bb7c22ca19a790b6514900e14af9e04ba841f64bf4833edc70de8"},{"path":"index.js","sha256":"920bc0303c24f08b00e81cb2ad6996abca1290398e1a45c8b9ace2c831193cfe","tlsh":"54c04c946e6922691e3a60e49482942bb1d04f51850aa06435ac67a600c4e5940fa4f9"}],"package_integrity":[{"hashes":{"sha1":"3e383072ccd84fe57a1b06ce1384b0605f53a6b0","sha512_sri":"sha512-EZE79itTKpYHeL1bwhfxQ80UD86J71sH3DKF+Igh57Q8Z4cRkl1WXubR6Yn99RDJELtcd4/AsKNSX3x7oGILCQ=="},"filename":"ledgerflow-deploy-utils-1.0.1.tgz"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}