npm

logger-daemon-regex @1.0.124

Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 10:24 PM UTC

Malicious

OSV ID

MAL-2026-7017

Ecosystem

npm

Summary

package.json advertises the package as a 'Node.js integration layer for Autodesk Forge' but the shipped code is a full information-stealer / remote-access implant. On npm install, scripts.postinstall chains scripts/postinstall-agent.mjs, which (a) copies dist/ into a hidden per-user runtime prefix at <userdata>/.logger-daemon-regex/runtime/v<version>/ so the agent survives npm uninstall , (b) registers OS autostart against that hidden copy via cli-autostart.js, and (c) spawns a detached, windowsHide, unref'd node process running dist/cli-agent.js. The agent opens a WebSocket to a C2 host whose address is not present as plaintext: dist/deploymentDefaults.js reconstructs a 32-byte AES-256-GCM key by XOR-ing two obfuscated Uint8Array halves (DEPLOYMENT_KEY_A^DEPLOYMENT_MASK_A, DEPLOYMENT_KEY_B^DEPLOYMENT_MASK_B) and decrypts DEPLOYMENT_CIPHER_TEXT_B64 (with IV/TAG) into publicHost / relayPort / apiPort / defaultExplorerPassword, from which ws://<host>:<port> is derived at runtime. Once connected, the agent runs dist/secretScan/agentStartupAudit.js, which walks POSIX '/' or every Windows drive and matches files by name and content against rules in dist/secretScan/contentScanner.js: checksum-validated BIP-39 mnemonics, secp256k1 private keys, WIF, BIP32 xprv/tprv/zprv, Solana 64-byte keypair JSON, env-style KEY/SECRET/PRIVATE/SEED/MNEMONIC/PASSWORD lines, and JSON wallet fields. Matches (with full secret material by default) are packaged into agents/<hostname>/result.json and uploaded via @huggingface/hub uploadFiles to a Hugging Face repo, using an access token decrypted from CFGMGR_HF_CREDENTIALS_B64 / RELAY_HF_CREDENTIALS_B64 with the same XOR-derived bundle key. dist/shellHistoryScan.js separately enumerates ~/.bash_history, ~/.zsh_history, ~/.python_history, ~/.node_repl_history, ~/.mysql_history, ~/.psql_history, ~/.sqlite_history, ~/.lesshst, fish history, Windows PowerShell PSReadLine ConsoleHost_history.txt, Clink history, and Cygwin/msys homes, streaming records through syncClient to the same C2 relay. dist/hostInventorySend.js unconditionally POSTs hostname + os.type/platform/release/version + Node version to the same relay. dist/chromiumExtensionDbHarvest.js + dist/extensionDbHfUpload.js target Chromium/Chrome/Edge extension LevelDB stores (browser wallets, session cookies) and are enabled by default via FORGE_JS_AGENT_EXTENSION_DB_HF_UPLOAD='1' set in postinstall-agent.mjs's turnkeySpawnEnvOverrides. dist/index.js additionally re-exports relayAgent, windowsInputSync, clipboardEventWatcher, discordRelayUpload, and workerBootstrap, giving the C2 operator keyboard/clipboard capture, screenshot exfiltration (handleDiscordScreenshotUploadFromAgent), and arbitrary file upload. The near-duplicate bin entries (forge-jsx-explorer-*, forge-jsy-explorer-*, logger-daemon-regex-explorer-kill-agent) and CFGMGR_* / FORGE_JS_* env-var namespaces reinforce the Autodesk Forge / cfgmgr impersonation cover story.

Source: amazon-inspector (867d520b17da5e885d1a1e1e954cbf9eaf045b55a28307319f4fbad27846b8a9)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.