longzy-basic-ui@2.0.3
Vulnerability report · Last retrieved from osv.dev June 29, 2026 at 6:55 AM UTC
OSV ID: MAL-2026-6569
Ecosystem: npm
Summary
On npm install, the package's postinstall hook executes .prepare.cjs. The script collects the installing host's hostname, username, platform, Node version, non-internal network interfaces and npm registry, plus a complete dump of process.env (every key except those prefixed npm_lifecycle, so any registry token, CI secret or cloud credential present in the installer's environment is included), then HTTPS-POSTs the payload as a Lark/Feishu bot message to a hardcoded webhook on open.larksuite.com.

The endpoint is hidden at rest: the destination hostname is stored reversed and char-shifted by 7, and the webhook path is XOR-decoded at runtime with the key Zk9x.

Before sending, the script runs sandbox/honeypot evasion checks built from char-code-decoded strings. It looks for AWS example credentials and the honeypot tokens PYPI_POISON_HONEY_TOKEN, PP_ARTIFACT_SHA256, THREAT_ANALYZER_MODEL and ASPECT_TLOG; for environment variables prefixed SANDYCLAW_, OPENCLAW_, PERMISO_ or CHAINRADAR_; for a hostname matching the regex detonat|cuckoo|virus|scan|chainradar; and for usernames such as sandbox and malware.

The package metadata is also inconsistent with a legitimate public publication: the declared homepage and repository.url point to an RFC 1918 internal address (http://192.168.100.4:9088/app/lzy-basic-module.git), and the stated purpose ("Support WoPet ui") has nothing to do with a postinstall beacon.

The combination of an obfuscated author-controlled destination, full process.env exfiltration and explicit sandbox evasion is unambiguous credential-theft malware.
Source: amazon-inspector (90336f7ef2177c75d9cf4a1872fe94504a382dfd1907e7617e0e06642f2dae67)