OSV ID: MAL-2026-4581
Ecosystem: npm
Summary
The package is purpose-built tooling to defeat exam-proctoring / lockdown software, with multiple installer-machine integrity harms triggered when the user runs the documented idlidosa start command:
1. Binary masquerade as Microsoft software: dist/cli/index.js (~line 290) copies the bundled electron.exe to msedgewebview2.exe and uses the bundled rcedit to overwrite its Windows version resources so that they claim CompanyName=Microsoft Corporation and ProductName=Microsoft Edge WebView2 Runtime. The guard process additionally sets process.title = "Windows Audio Device Graph Isolation". An administrator auditing the host sees what appears to be a Microsoft component, but it is an unsigned Electron app under this package's control.
2. Persistence as a fake Edge updater: installResurrector (~line 330) registers a Windows Scheduled Task named MicrosoftEdgeWebView2Update that runs every 1 minute via schtasks /create ... /sc MINUTE /mo 1 /f, re-spawning a launcher written to %APPDATA%/Idlidosa/resurrect.js. The task name impersonates a legitimate Microsoft Edge update job.
3. Anti-detection watchdog: cli/guard.cjs carries self-incriminating comments stating that the 1500ms restart delay is fast enough to beat TestPad's 30s scan and that it runs as node.exe (which lockdown software rarely kills).
4. Process-wide TLS validation disabled: dist/shared/index.js (~line 187) sets process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0" at module load. This disables TLS certificate validation for every HTTPS call made by the host Node process for the lifetime of that process, not just for calls made by this package. Subsequent traffic (including screenshots of the user's screen and the bundled API keys) is sent over unvalidated TLS and is exposed to MITM on the installer's network.
5. Bundled decryptable Groq API key pool: shared/keys.json ships nine AES-256-GCM-encrypted Groq API keys whose decryption key is sha256("pageai-pool-v2") (a literal byte array in shared/crypto.ts), so any installer can decrypt them. These are the author's own keys, so their exposure is harm to the author rather than to the installer, but they are used as the default channel for sending the user's screen captures over the TLS-disabled connection.
The combination of Microsoft-impersonation on disk, Microsoft-impersonation as a scheduled task, watchdog comments documenting evasion intent, and global TLS weakening constitutes deliberate harm to the integrity of any host this is installed and run on.
Source: amazon-inspector (5c6cba2c58d95d705af7dc5bb1c630129127835fb1ef15d4ccf43ec2818bf632)