registry  /  nottuff5  /  2.0.0

nottuff5@2.0.0

Republished package

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Opening the declared HTML entry executes an off-domain script and initializes a service-worker-backed web proxy. The service worker can intercept routed browser requests and send request metadata and bodies to the configured remote transport.

Static reason
One or more suspicious static signals were detected.
Trigger
A user opens `index.html` or the packaged browser application initializes its proxy controller.
Impact
An untrusted remote host can supply executable JavaScript, while proxied browser traffic may be exposed to the remote transport.
Mechanism
Off-domain script execution plus service-worker request interception and remote WebSocket proxying.
Attack narrative
The package masquerades as a generic republished npm artifact but its declared browser entry loads arbitrary remote JavaScript from an unrelated host. Its application then registers a service worker that claims browser clients and routes selected requests through a Scramjet-style proxy using a WebSocket endpoint on another unrelated domain. The controller serializes URLs, referrers, headers, and request bodies for remote processing. This creates a concrete remote-code and browser-traffic interception surface when the entry is opened.
Rationale
No install-time hook exists, but the shipped entrypoint directly executes unpinned remote code and installs a browser request-interception proxy that forwards request data to an unrelated host. These are concrete attack behaviors, not merely bundled-library indicators.
Evidence
package.jsonindex.htmlassets/boot-CVPGRFHh.jsj6k3y8.jsct1tl/jmqwjq.jsct1tl/csbzam.jsbfjdx/757lr8.jsbfjdx/w7m632.wasm
Network endpoints2
c.vipersfutbol.com/script.jswss://21baseballacademy.com/fairs/

Decision evidence

public snapshot
AI called this Malicious at 95.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `index.html` loads remote code from `https://c.vipersfutbol.com/script.js`.
  • `assets/boot-CVPGRFHh.js` registers `j6k3y8.js` as a service worker.
  • `j6k3y8.js` claims clients and routes matching fetch events.
  • `assets/boot-CVPGRFHh.js` configures a request-rewriting proxy over `wss://21baseballacademy.com/fairs/`.
  • `ct1tl/jmqwjq.js` forwards intercepted request URL, headers, body, and referrer through its controller RPC.
Evidence against
  • `package.json` contains no preinstall, install, postinstall, or other lifecycle hooks.
  • Inspected code is browser-only; no Node shell, filesystem, environment, or credential-harvesting APIs were found in the entry flow.
Behavioral surface
Source
ChildProcessDynamicRequireFilesystemNetworkWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareUrlStrings
Manifest
NoLicense
scanned 24 file(s), 7.27 MB of source, external domains: 127.0.0.1, aomediacodec.github.io, cdn.jsdelivr.net, cloud-api.livekit.io, curl.se, emscripten.org, fingerprint.com, github.com, m1.openfpcdn.io, react.dev, sj-cache.invalid, twemoji.maxcdn.com, www.w3.org, www.zlib.net

Source & flagged code

7 flagged · loading source
assets/proxy-runtime-1NyFshf9.jsView file
1patternName = aws_access_key severity = critical line = 1 matchedText = var OQ=O...B+=`
Critical
Critical Secret

Package contains a critical-looking secret pattern.

assets/proxy-runtime-1NyFshf9.jsView on unpkg · L1
1patternName = aws_access_key severity = critical line = 1 matchedText = var OQ=O...B+=`
Critical
Secret Pattern

AWS access key ID in assets/proxy-runtime-1NyFshf9.js

assets/proxy-runtime-1NyFshf9.jsView on unpkg · L1
bfjdx/757lr8.jsView file
17L18: //# sourceURL=${A}`)();n=c,o=l}else n=g.z$,o=g.Mt;r.construct&&(l.construct=function(e,t,i){let n,s=!1,a={fn:e,this:null,args:t,newTarget:i,return:e=>{s=!0,n=e},call:()=>(s=!0,n=o(... L19: //# sourceURL=${r.url.href}`),n}return o.body;case"style":return(0,i.sM)(await o.text(),e.context,r.meta);case"sharedworker":case"worker":return(0,i.iP)(new Uint8Array(await o.arra...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bfjdx/757lr8.jsView on unpkg · L17
assets/ChatPage-zoA8Z6RX.jsView file
1(function(_0x31bba3,_0x379132){const _0x159e7b={_0x26fc34:0x358,_0x56fc24:0x70c,_0x216b69:0x578,_0x22d6fc:0x60b,_0x33af41:0x2a6,_0x514b56:0x7f9,_0x4ccc4c:0x9d1,_0x35dd24:0xfdf,_0x1...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

assets/ChatPage-zoA8Z6RX.jsView on unpkg · L1
bfjdx/w7m632.wasmView file
path = bfjdx/w7m632.wasm kind = wasm_module sizeBytes = 586279 magicHex = [redacted]
Medium
Ships Wasm Module

Package ships WebAssembly modules.

bfjdx/w7m632.wasmView on unpkg
assets/KaTeX_Script-Regular-D3wIWfF6.woff2View file
path = assets/KaTeX_Script-Regular-D3wIWfF6.woff2 kind = high_entropy_blob sizeBytes = 9644 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

assets/KaTeX_Script-Regular-D3wIWfF6.woff2View on unpkg
assets/livekit-C0E_jLSz.jsView file
13patternName = generic_password severity = medium line = 13 matchedText = `},e.par...+`\r
Medium
Secret Pattern

Hardcoded password in assets/livekit-C0E_jLSz.js

assets/livekit-C0E_jLSz.jsView on unpkg · L13

Findings

2 Critical3 High6 Medium4 Low
CriticalCritical Secretassets/proxy-runtime-1NyFshf9.js
CriticalSecret Patternassets/proxy-runtime-1NyFshf9.js
HighObfuscated Payload Loaderassets/ChatPage-zoA8Z6RX.js
HighObfuscated
HighShips High Entropy Blobassets/KaTeX_Script-Regular-D3wIWfF6.woff2
MediumDynamic Requirebfjdx/757lr8.js
MediumNetwork
MediumProtestware
MediumShips Wasm Modulebfjdx/w7m632.wasm
MediumStructural Risk Force Deep Review
MediumSecret Patternassets/livekit-C0E_jLSz.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License