registry  /  permcarmserver  /  1.0.0

permcarmserver@1.0.0

OSV Malicious Advisory

scanned 2h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-10488 confirms this npm version as malicious. On require, index.js spawns a worker that uses koffi FFI to load a file named index.html and invoke its exported vserver_start(). Despite the extension, index.html is an aarch64 Linux ELF shared library built from vless_ws.c; it implements a VLESS-over-WebSocket proxy with a hardcoded client UUID 4916e0f5-8abc-4ad4-ba5d-158582c60d85, accepts WebSocket upgrades, and relays arbitrary attacker-directed TCP CONNECT...

Advisory
MAL-2026-10488
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in permcarmserver (npm)
Details
On require, index.js spawns a worker that uses koffi FFI to load a file named index.html and invoke its exported vserver_start(). Despite the extension, index.html is an aarch64 Linux ELF shared library built from vless_ws.c; it implements a VLESS-over-WebSocket proxy with a hardcoded client UUID 4916e0f5-8abc-4ad4-ba5d-158582c60d85, accepts WebSocket upgrades, and relays arbitrary attacker-directed TCP CONNECT traffic through the installing host. The ELF returns a decoy ':: SYSTEM ONLINE:: MINECRAFT SERVER' HTML page to casual HTTP probes as a cover story. One second after the worker signals 'started', index.js recursively deletes the installed package directory with fs.rmSync(pkgDir, { recursive: true, force: true }), while the loaded native library keeps running in memory. The combination of native ELF masquerading as HTML, FFI load on require, hardcoded VLESS identity, TCP relay capability, and post-activation self-deletion converts the installing host into a covert attacker-controlled proxy relay.
Decision reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
Filesystem
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 1 file(s), 947 B of source

Source & flagged code

1 flagged · loading source
index.htmlView file
path = index.html kind = native_binary sizeBytes = 33784 magicHex = [redacted]
Medium
Ships Native Binary

Package ships native binary artifacts.

index.htmlView on unpkg

Findings

1 Medium2 Low
MediumShips Native Binaryindex.html
LowFilesystem
LowNo License