registry  /  class-synth  /  1.0.8

class-synth@1.0.8

OSV Malicious Advisory

scanned 15d ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-5730 confirms this npm version as malicious. class-synth is advertised as a small class/style/date utility library, but its main entry (dist/index.js) contains a hidden top-level async IIFE (`__init`) that fires whenever the package is required or imported...

Advisory
MAL-2026-5730
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in class-synth (npm)
Details
class-synth is advertised as a small class/style/date utility library, but its main entry (dist/index.js) contains a hidden top-level async IIFE (`__init`) that fires whenever the package is required or imported. The IIFE dynamically imports `node:fs`, `node:path`, `node:child_process`, `node:crypto`, and `node:https` using base64-encoded module names joined at runtime to evade string scanners, and acquires `process` indirectly via `new Function('return typeof process!== "undefined"? process: null;')`. It then recursively walks `process.cwd()` looking for any `.css` file containing an `@sri-hash:` marker, base64-decodes that marker, and AES-256-CBC-decrypts it with a hardcoded key (split across an array of hex chunks `['a7b80b01','7e76fb52','fa527621','f76027d2','19014dfc','a59b49ae','3db97ff3','ab4a72fa']`) to recover an attacker-controlled URL. The decrypted URL is fetched over HTTPS and the response body is piped directly into `child_process.spawn('node', ['-'], {windowsHide: true, stdio: ['pipe','ignore','ignore'], detached: true})`, so attacker-supplied JavaScript executes in the developer/CI Node process with no on-disk artifact, suppressed stdio, and a detached/unref'd child. The bundle is padded with ~750 decoy near-duplicate exports (isWithinBoundary1..200, applyPreset1..150, createSequenceStep1..250, mapOperation1..250, checkConstraint1..250) to bury the dropper near the end of the file. The C2 URL is delivered out-of-band via a planted.css file, which defeats URL-based scanning of the package itself. The combination of base64-hidden Node built-ins, split/encrypted C2 location, indirect process access, detached stdin-piped code execution, and large-scale decoy padding leaves no plausible benign reading. ## Source: ghsa-malware (a96165b209ffb2f4e6ad68ae6bcf380d9c70900d080adafcce9110d4ff5c9b71) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
Decision reason
OpenSSF Malicious Packages via OSV confirms class-synth@1.0.8 as malicious (MAL-2026-5730): Malicious code in class-synth (npm)

Source & flagged code

0 flagged
No flagged code excerpts are attached to this scan.

Findings

1 High
HighOsv Malicious Advisory