mal-2026-6192
Vulnerability from ossf_malicious_packages
Published
2026-06-19 05:01
Modified
2026-06-19 05:01
Summary
Malicious code in nodepathbalance54 (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (d5ade836e7f92049242a01dbc0782900900c4e28eb7e08f9d9ebc611aab80762)

nodepathbalance54 exports a single function (nodeaxionweb) whose implementation is hidden inside a hand-rolled stack-based JavaScript VM in index.js (functions iL/iw with ~200 opcodes, base64-encoded bytecode chunks in array S). Decoding the VM's constant pool reveals a hardcoded Telegram bot token (8604230339:AAE0jcxBc1QC_YV1Um6TT4bvC0mgZGlhoy4), chat id (-1002861294159), the base URL https://api.telegram.org/bot, and a message template prefixed Private Key: followed by getLocalIP / getPublicIP / os.hostname / platform / arch / ISO timestamp fields, posted via axios.post to /sendMessage. Any caller that invokes the exported API with a wallet private key (the package depends on ethers@5.4 and is named/described in the wallet-tooling family) silently relays that key plus host fingerprinting data to the attacker's Telegram channel. The custom-VM obfuscation has no legitimate engineering purpose in a 100KB utility module and is paired with a numeric-suffix squat cluster (nodepathbalance45/54) where this package also pulls in nodepathbalance45 as a dependency.

CWE
  • CWE-506 - The product contains code that appears to be malicious in nature.
Credits
Amazon Inspector inspector-research@amazon.com
To clipboard 

{
  "affected": [
    {
      "database_specific": {
        "cwes": [
          {
            "cweId": "CWE-506",
            "description": "The product contains code that appears to be malicious in nature.",
            "name": "Embedded Malicious Code"
          }
        ],
        "indicators": {
          "evidence_files": [
            {
              "path": "index.js",
              "sha256": "0a26d28823d02c6e6e55beb95c206268c425b49b9801e4a9ff175bd594429915",
              "tlsh": "f8b3d991b7d6a02d80bd63705a1b7181e876edb1080918b8cfa1fa548d66b87c3fff54"
            },
            {
              "path": "package.json",
              "sha256": "7176206758dcf67f2b5d2d9b9cd1f7bfbd4ae2f1ea2c14ccc2619db9faeffcd1",
              "tlsh": "a1e0df228f004a2302b05ba2183c8353b3d5af5f5428ac4b71bf1a2c49a32b318e5b48"
            }
          ],
          "package_integrity": [
            {
              "filename": "nodepathbalance54-1.1.0.tgz",
              "hashes": {
                "sha1": "91e1c12fdd70e4d77f5fe442f5125ca5b71c400e",
                "sha512_sri": "sha512-Q+9SNGAkOkws0kE2dYIWdRssCGl0eQHtZzIz8CcGgyxYNn4bf5kBU8YffAevYdfGOgyl11fPVRYH9l3+SrguRA=="
              }
            }
          ]
        }
      },
      "package": {
        "ecosystem": "npm",
        "name": "nodepathbalance54"
      },
      "versions": [
        "1.1.0"
      ]
    }
  ],
  "credits": [
    {
      "contact": [
        "inspector-research@amazon.com"
      ],
      "name": "Amazon Inspector",
      "type": "FINDER"
    }
  ],
  "database_specific": {
    "malicious-packages-origins": [
      {
        "id": "IN-MAL-2026-007052",
        "import_time": "2026-06-19T05:16:49.478312597Z",
        "modified_time": "2026-06-19T05:01:34Z",
        "sha256": "d5ade836e7f92049242a01dbc0782900900c4e28eb7e08f9d9ebc611aab80762",
        "source": "amazon-inspector",
        "versions": [
          "1.1.0"
        ]
      }
    ]
  },
  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (d5ade836e7f92049242a01dbc0782900900c4e28eb7e08f9d9ebc611aab80762)\nnodepathbalance54 exports a single function (`nodeaxionweb`) whose implementation is hidden inside a hand-rolled stack-based JavaScript VM in index.js (functions iL/iw with ~200 opcodes, base64-encoded bytecode chunks in array S). Decoding the VM\u0027s constant pool reveals a hardcoded Telegram bot token (8604230339:AAE0jcxBc1QC_YV1Um6TT4bvC0mgZGlhoy4), chat id (-1002861294159), the base URL https://api.telegram.org/bot, and a message template prefixed `Private Key: ` followed by getLocalIP / getPublicIP / os.hostname / platform / arch / ISO timestamp fields, posted via axios.post to /sendMessage. Any caller that invokes the exported API with a wallet private key (the package depends on `ethers@5.4` and is named/described in the wallet-tooling family) silently relays that key plus host fingerprinting data to the attacker\u0027s Telegram channel. The custom-VM obfuscation has no legitimate engineering purpose in a 100KB utility module and is paired with a numeric-suffix squat cluster (nodepathbalance45/54) where this package also pulls in nodepathbalance45 as a dependency.\n",
  "id": "MAL-2026-6192",
  "modified": "2026-06-19T05:01:34Z",
  "published": "2026-06-19T05:01:34Z",
  "references": [
    {
      "type": "PACKAGE",
      "url": "https://www.npmjs.com/package/nodepathbalance54/v/1.1.0"
    }
  ],
  "schema_version": "1.7.4",
  "summary": "Malicious code in nodepathbalance54 (npm)"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.