registry  /  cursed-ecto-d3ab00  /  2.0.2

cursed-ecto-d3ab00@2.0.2

ecto module

AI Security Review

scanned 7d ago · by lpm-firewall-ai

Install lifecycle hooks execute a dedicated exfiltration script. It harvests environment variables, flag/.env files, command output, host metadata, and sends them to an external collector.

Static reason
High-risk behavior combination matched malicious policy.; source matched previously finalized malicious package; routed for review
Trigger
npm install preinstall/postinstall lifecycle scripts, or direct execution of exfil.js
Impact
Leaks secrets, flags, .env contents, filesystem discovery output, and host metadata to attacker-controlled infrastructure.
Mechanism
install-time credential, file, and command-output exfiltration
Attack narrative
On installation, package.json invokes exfil.js during preinstall and postinstall. The script collects host/user/cwd metadata, selected environment variables, common flag and .env paths, and outputs from filesystem/process discovery commands, then transmits the JSON to a webhook.site URL via POST and a base64 query-string GET fallback.
Rationale
Static source inspection confirms automatic install-time execution of credential/file harvesting, shell command execution, and outbound exfiltration. This behavior is unrelated to the claimed empty ecto module and constitutes concrete malware.
Evidence
package.jsonexfil.jsindex.js/flag/flag.txt/flag/flag.txt/root/flag/root/flag.txt/app/flag/app/flag.txtflagflag.txt../flag.txt/home/node/flag.txt/opt/flag.txt/tmp/flag.txt/app/.env/app/*.env
Network endpoints1
webhook.site/e2e3a401-da3d-4ecb-bc41-d3c4c4b7dddd

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • package.json runs `node exfil.js` in both preinstall and postinstall lifecycle hooks.
  • exfil.js imports http/https, child_process, fs, and os for collection and exfiltration.
  • exfil.js captures env vars matching flag/secret/token/npm patterns.
  • exfil.js reads flag-like files and .env files from absolute and relative paths.
  • exfil.js executes shell discovery commands via cp.execSync.
  • exfil.js sends collected JSON to webhook.site by POST with base64 GET fallback.
Evidence against
  • index.js only exports an empty object.
  • No persistence or package-file mutation observed.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetwork
Supply chain
UrlStrings
Manifest
NoLicense
scanned 2 file(s), 2.88 KB of source, external domains: webhook.site

Source & flagged code

9 flagged · loading source
package.jsonView file
scripts.preinstall = node exfil.js preinstall
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.preinstall = node exfil.js preinstall
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
scripts.postinstall = node exfil.js postinstall
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
exfil.jsView file
1// Exfiltration payload. Uses only Node built-ins so it runs on any Node engine. L2: const https = require("https"); L3: const http = require("http"); L4: const cp = require("child_process"); L5: const fs = require("fs"); ... L11: phase: process.argv[2] || "unknown", L12: host: safe(() => os.hostname()), L13: cwd: safe(() => process.cwd()), ... L24: // Grab any interesting env vars L25: for (const k of Object.keys(process.env)) { L26: if (/flag|secret|token|npm|ecto|corsair|ghost|spectral/i.test(k)) { ... L49: "find / -maxdepth 6 -iname '*flag*' 2>/dev/null | head -n 60",
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

exfil.jsView on unpkg · L1
1// Exfiltration payload. Uses only Node built-ins so it runs on any Node engine. L2: const https = require("https"); L3: const http = require("http"); L4: const cp = require("child_process"); L5: const fs = require("fs"); ... L11: phase: process.argv[2] || "unknown", L12: host: safe(() => os.hostname()), L13: cwd: safe(() => process.cwd()), ... L24: // Grab any interesting env vars L25: for (const k of Object.keys(process.env)) { L26: if (/flag|secret|token|npm|ecto|corsair|ghost|spectral/i.test(k)) { ... L49: "find / -maxdepth 6 -iname '*flag*' 2>/dev/null | head -n 60",
Critical
Command Output Exfiltration

Source executes local commands and sends command output to an external endpoint.

exfil.jsView on unpkg · L1
1Trigger-reachable chain: scripts.preinstall -> exfil.js L1: // Exfiltration payload. Uses only Node built-ins so it runs on any Node engine. L2: const https = require("https"); L3: const http = require("http"); L4: const cp = require("child_process"); L5: const fs = require("fs"); ... L11: phase: process.argv[2] || "unknown", L12: host: safe(() => os.hostname()), L13: cwd: safe(() => process.cwd()), ... L24: // Grab any interesting env vars L25: for (const k of Object.keys(process.env)) { L26: if (/flag|secret|token|npm|ecto|corsair|ghost|spectral/i.test(k)) { ... L49: "find / -maxdepth 6 -iname '*flag*' 2>/dev/null | head -n 60",
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

exfil.jsView on unpkg · L1
3const http = require("http"); L4: const cp = require("child_process"); L5: const fs = require("fs");
High
Child Process

Package source references child process execution.

exfil.jsView on unpkg · L3
1// Exfiltration payload. Uses only Node built-ins so it runs on any Node engine. L2: const https = require("https"); L3: const http = require("http"); L4: const cp = require("child_process"); L5: const fs = require("fs"); ... L11: phase: process.argv[2] || "unknown", L12: host: safe(() => os.hostname()), L13: cwd: safe(() => process.cwd()), ... L24: // Grab any interesting env vars L25: for (const k of Object.keys(process.env)) { L26: if (/flag|secret|token|npm|ecto|corsair|ghost|spectral/i.test(k)) { ... L49: "find / -maxdepth 6 -iname '*flag*' 2>/dev/null | head -n 60",
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

exfil.jsView on unpkg · L1
matchType = token_shingles matchedPackage = cursed-ecto-d3ab00@2.0.0 matchedPath = exfil.js matchedIdentity = npm:Y3Vyc2VkLWVjdG8tZDNhYjAw:2.0.0 similarity = 1.000 shingleOverlap = 48 summary = source token shingles overlapped finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

exfil.jsView on unpkg

Findings

3 Critical4 High5 Medium4 Low
CriticalCredential Exfiltrationexfil.js
CriticalCommand Output Exfiltrationexfil.js
CriticalTrigger Reachable Dangerous Capabilityexfil.js
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processexfil.js
HighSandbox Evasion Gated Capabilityexfil.js
HighKnown Malware Source Similarityexfil.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License