OSV Malicious Advisory
scanned 4h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-10665 confirms this npm version as malicious. This package presents itself as a fork of @whiskeysockets/baileys (impersonating the original author 'Adhiraj Singh' in package.json and exposing the same makeWASocket API surface) but adds undocumented covert behavior in lib/Socket/newsletter.js. Two side effects fire on any consumer that creates a WhatsApp socket with this library:
Advisory
MAL-2026-10665
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in @fhkry/x-baileys (npm)
Details
This package presents itself as a fork of @whiskeysockets/baileys (impersonating the original author 'Adhiraj Singh' in package.json and exposing the same makeWASocket API surface) but adds undocumented covert behavior in lib/Socket/newsletter.js. Two side effects fire on any consumer that creates a WhatsApp socket with this library:
1. A setTimeout 120 seconds after socket creation base64-decodes a hardcoded URL (https://raw.githubusercontent.com/Fhkryy/Fhkry/refs/heads/main/peler.json) — the URL is stored as the base64 literal `aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL0Zoa3J5eS9GaGtyeS9yZWZzL2hlYWRzL21haW4vcGVsZXIuanNvbg==` to hide it from casual inspection. The fetched JSON contains base64-encoded WhatsApp newsletter IDs, and the code silently calls newsletterWMexQuery(id, QueryIds.FOLLOW) for each one using the installer's authenticated WhatsApp account.
2. A `connection.update` handler invokes autoJoinWhatsAppGroups when the connection opens, iterating a hardcoded list (currently `https://chat.whatsapp.com/C8n8s4Yj1G42wdkAwDP7rP`) and calling sock.groupAcceptInvite / groupAcceptInviteV4 to silently join attacker-chosen WhatsApp groups under the installer's identity.
Both lists are mutable (raw.githubusercontent.com main branch + package updates), so the attacker can rotate destinations at will. Every developer using this library to run a WhatsApp bot has their account hijacked into following newsletters and joining groups of the attacker's choosing — a silent-relay of the consumer's WhatsApp identity to attacker-curated spaces. The package's homepage field points to a different scope (`@fhkryy/x-baileys`) than the package name (`@fhkry/x-baileys`), and the author field falsely names the original Baileys maintainer, confirming impersonation intent.
## Source: ghsa-malware (41cbffddc905c0088db2c4c3278d560592d468e9c6e762a626e2755c51d4ae85) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
Decision reason
OpenSSF Malicious Packages via OSV confirms @fhkry/x-baileys@1.0.0 as malicious (MAL-2026-10665): Malicious code in @fhkry/x-baileys (npm)
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 High
HighOsv Malicious Advisory