AI Security Review
scanned 3d ago · by lpm-firewall-ai

The package embeds a crypto clipboard hijacker, reconnaissance, exfiltration, and persistence code in both published entrypoints, but the observed activation logic appears inert in normal use. This is a staged malicious payload carrier rather than confirmed runtime execution on import/install.
Decision evidence
public snapshot
- dist/index.cjs and dist/index.js contain hidden clipboard monitor matching crypto addresses/keys and replacing BTC/ETH/SOL addresses.
- dist/index.cjs posts captured clipboard/detection data to http://2.27.62.51:8080/api/health and :8081/api/health.
- dist/index.cjs scans homedir/cwd for MetaMask, Telegram, browser profiles, SSH keys, .npmrc tokens, env crypto keys, and .env files.
- dist/index.cjs includes persistence writes to Windows Startup or appends shell rc hooks.
- package.json entrypoints point to dist/index.cjs and dist/index.js; package also self-depends on base58-core.
- Activation gate uses INSTALL_TIME=Date.now() and _checkActivation() runs only at import, so the 72h delayed payload appears unreachable in normal import execution.
- _internal.activate sets activated=true before calling _checkActivation(), causing an early return rather than activation.
- README/d.ts describe only Base58 APIs, not the hidden behavior.
Source & flagged code
8 flagged
- Source reads and rewrites clipboard contents matching cryptocurrency wallet addresses. (dist/index.js · L103)
- Package metadata claims a different repository identity while copied source loads a runtime dependency bridge. (dist/index.js · L533)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (dist/index.js)
- Package source references dynamic require/import behavior. (dist/index.js · L11)
- Source writes installer persistence such as shell profile or service configuration. (dist/index.js · L103)
- A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior. (dist/index.cjs)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (dist/index.cjs)
- Source fingerprint signature matches a known malicious package signature; route for source-aware review. (dist/index.cjs)