cursed-modules@999.0.3

Vulnerability report · Last retrieved from osv.dev June 30, 2026 at 11:01 PM UTC

Malicious

OSV ID

MAL-2026-6698

Ecosystem

npm

Summary

Package version 999.0.3 (an extremely high version number consistent with a dependency-confusion attack against an internal package name) ships install-time and require-time credential theft directed at a hardcoded attacker endpoint. package.json declares all three lifecycle hooks (preinstall, install, postinstall) as node install.js.

install.js reads /root/.ssh/id_rsa, id_ed25519, authorized_keys, known_hosts, the ssh config, /root/.npmrc, /app/.git/config plus git history, and the full process.env, base64-encodes the bundle and PUTs it to http://154.57.164.82:30843/api/modules/ECT-839201.

index.js (the package main) runs a top-level IIFE on require() that dumps process.env, runs aws sts get-caller-identity, queries the AWS instance metadata service at http://169.254.169.254/latest/meta-data/iam/security-credentials/, and runs aws secretsmanager list-secrets, PUTing the results to the same attacker IP at path /api/modules/ECT-654321.

recon.js targets private npm registry infrastructure: it reads /verdaccio/conf/config.yaml, finds and reads Verdaccio htpasswd files, /root/.npmrc and /home/user/.npmrc, cron jobs, the process list, netstat output, /proc/1/environ, and the full environment, and PUTs the result to http://154.57.164.76:30728/api/modules/ECT-654321 (with a curl shell fallback).

Both install.js and index.js gate execution on /^[0-9a-f]{12}$/.test(os.hostname()), a Docker container ID regex, so the payload only fires inside containerized CI/CD environments and stays dormant on researcher sandboxes and developer laptops.

publish-and-arm.sh labels the package manifest with ship_deck: "dependency-confusion" and cargo_hold: "verdaccio-proxy", confirming the package's purpose is to shadow an internal name on the public registry and harvest the victim's private registry credentials for follow-on attacks.

Source: amazon-inspector (0a7db807a976b54ad8fe1246159e9ac2e5830671792d2ae8e388bf30435d36c3)
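As an added defender-side example (not code from the advisory, the package, or amazon-inspector), the following Node.js script turns the traits described above into triage heuristics and runs them over a constructed package.json and a stub install script. The finding labels, the version threshold, and the sample endpoint are assumptions.

```javascript
// Added example, not code from the advisory: heuristic triage of an npm package for
// the traits described above. Labels, thresholds and sample values are assumptions.
const HOOKS = ['preinstall', 'install', 'postinstall'];
const HIGH_MAJOR = 100; // assumed cut-off for an implausibly high major version
// Source-text indicators, keyed by the finding label they produce.
const SOURCE_INDICATORS = {
  'hostname gating (12-hex container ID check)': /hostname\(\)[\s\S]{0,80}\[0-9a-f\]\{12\}|\[0-9a-f\]\{12\}[\s\S]{0,80}hostname\(\)/,
  'AWS instance metadata access': /169\.254\.169\.254/,
  'SSH key or npm token file access': /\.ssh\/|\.npmrc/,
  'full environment dump': /process\.env\b(?!\.[A-Za-z_$])/,
  'hardcoded raw-IP HTTP endpoint': /https?:\/\/\d{1,3}(?:\.\d{1,3}){3}/,
};

// Flag install-time execution hooks and a dependency-confusion style version.
function auditManifest(pkg) {
  const findings = [];
  const scripts = pkg.scripts || {};
  for (const hook of HOOKS) {
    if (scripts[hook]) findings.push(`lifecycle hook ${hook}: ${scripts[hook]}`);
  }
  const major = parseInt(String(pkg.version).split('.')[0], 10);
  if (Number.isInteger(major) && major >= HIGH_MAJOR) {
    findings.push(`implausibly high major version ${pkg.version}`);
  }
  return findings;
}

// Match JavaScript source text against the behavioural indicators above.
function auditSource(filename, code) {
  return Object.entries(SOURCE_INDICATORS)
    .filter(([, re]) => re.test(code))
    .map(([label]) => `${filename}: ${label}`);
}

// Run both checks over a manifest and a map of filename -> source text.
function triage(pkg, files) {
  const findings = auditManifest(pkg);
  for (const [name, code] of Object.entries(files)) findings.push(...auditSource(name, code));
  return findings;
}

// Constructed sample input: a manifest and a stub install script carrying only the
// indicators (gating check, file paths, placeholder endpoint), no payload logic.
const samplePkg = {
  name: 'cursed-modules', version: '999.0.3', main: 'index.js',
  scripts: { preinstall: 'node install.js', install: 'node install.js', postinstall: 'node install.js' },
};
const sampleInstallJs = [
  "const os = require('os');",
  "if (!/^[0-9a-f]{12}$/.test(os.hostname())) process.exit(0);",
  "const bundle = { env: process.env, key: '/root/.ssh/id_rsa' };",
  "// placeholder endpoint, not the real one: http://203.0.113.10:1234/api/upload",
].join('\n');
console.log(triage(samplePkg, { 'install.js': sampleInstallJs }));
```

Each finding is a string naming the file and the matched trait, so the list can be fed straight into a PR check that blocks the package for manual review.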
