Secure your dependencies. Ship with confidence.

This module implements active obfuscation and stealth execution mechanisms (heap XOR obfuscation, context/spoofed-call-chain building, APC/timer scheduling, memory protection toggling, and suspended-thread injection). The behavior strongly matches malicious loader/evader patterns (in-memory payload concealment and covert execution). Treat this code as dangerous for general use — it provides primitives used in theft/persistence/stealthy code execution. Recommend blocking or thoroughly isolating and auditing any package containing this code before use.

The code collects sensitive system information such as the MAC address and serial number and opens a persistent WebSocket connection to a remote server at ws://server.example.com. It transmits these identifiers via URL parameters and receives encoded commands from the server. These commands can include operations like setting passwords for remote access software, retrieving remote access IDs, restarting the system, and sending error logs back to the server. The use of subprocess calls to execute system commands without proper validation further increases the risk of unauthorized control and data leakage.

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

Report 2 provides a more comprehensive and coherent risk narrative than Report 1, identifying invasive runtime hooks, resource remapping to blob URLs, and engine-specific overrides that collectively indicate a high-risk supply-chain tampering or backdoor capability. The code’s depth in mutating core browser APIs and asset loading paths implies significant potential for misuse. Treat this as dangerous until provenance, usage scope, and containment controls are verified; perform exhaustive code review, restrict usage to trusted contexts, and prefer alternatives that avoid global mutability.

This module performs targeted harvesting of KakaoTalk authentication/session material from local caches (macOS SQLite Cache.db) and local persistence (Windows registry + login_list.dat), including oauth_token and refresh_token and potentially login form body. No explicit exfiltration or remote command execution beyond local registry querying is shown, but the functionality matches credential/session theft patterns. Use should be carefully reviewed for legitimate purpose, and the caller’s handling of returned secrets should be scrutinized.

The script sends potentially sensitive information to an external server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 21 hours and 21 minutes before removal. Socket users were protected even while the package was live.

This module implements a hidden/encrypted payload mechanism: an obfuscated base64-like encoding stored in the global 'text' variable is decoded and AES-decrypted using a user-supplied passphrase; the resulting JSON replaces 'text' and can be injected into an IPython interactive session via set_next_input. There is no direct network exfiltration or shell/backdoor code visible in this fragment, but the design is risky: it hides payloads and injects content into interactive sessions which could lead to accidental execution of arbitrary code once the payload is revealed. Cryptography is weak (empty salt, ECB mode). Treat this as potentially malicious or at least dangerous and review the encrypted payload contents and the origin of the passphrase before use.

Live on pypi for 29 minutes before removal. Socket users were protected even while the package was live.

The file contains a script that executes automatically (e.g., during post-install) and exfiltrates sensitive environment data without user consent. It collects the current working directory, OS username, Node.js version, and platform information, sending them as URL query parameters via an HTTPS GET request to an external OAST (Out-of-Band Security Testing) endpoint (https://0tuokc8oz5k94lkfxck5p421zs5jtlha[.]oastify[.]com/npm-post-install). The code also silently catches errors to hide network failures and avoid disrupting the installation process. This behavior strongly indicates malicious intent, likely for target profiling or supply-chain compromise.

Live on npm for 4 days, 14 hours and 25 minutes before removal. Socket users were protected even while the package was live.

This code implements a remote control agent/backdoor: it spawns a persistent bash shell and exposes it and file operations over a WebSocket connection to a hardcoded remote server. It can execute arbitrary commands, write files, and exfiltrate files (images) as base64 to a remote endpoint. The presence of a hardcoded remote WebSocket URL, lack of authentication, and direct mapping from remote messages to shell execution and file exfiltration are strong indicators of malicious or highly dangerous behavior. This package should not be trusted or run on sensitive systems.

This code fragment is high-risk. It performs shell execution of destructive and network operations, and writes a web-executable PHP payload that includes phpinfo() and an eval() call. Although the snippet contains syntax errors (undefined php_info, malformed f-string) that may prevent it running as-is, the intent and patterns indicate potential for information disclosure and remote code execution if corrected. Treat this as untrusted and do not run. Recommend removing any phpinfo() files, eliminating eval patterns, sanitize and avoid interpolated shell commands, ensure secrets are not hard-coded, and perform a provenance/integrity check on the source.

Live on pypi for 117 days, 4 hours and 17 minutes before removal. Socket users were protected even while the package was live.

This install script collects environment and user information from the host and posts it to an external server during installation. That is direct data exfiltration / unauthorized telemetry and poses a high privacy and security risk. It may be used for fingerprinting or as a precursor to further malicious actions. Review and remove such behavior or block network access during install; inspect repository history and publisher trustworthiness.

The primary security concern is the downloading and execution of binaries from an unverified external source, which could lead to executing malicious code. The code does not verify the integrity or authenticity of the downloaded content, increasing the risk of malware.

Live on pypi for 10 days, 8 hours and 11 minutes before removal. Socket users were protected even while the package was live.

This module is an explicit DNS spoofing utility: it captures DNS requests and injects forged DNS responses according to user-configured mappings. It requires root, enables promiscuous mode, and constructs and sends raw packets to redirect victim DNS lookups. This is active offensive functionality intended to manipulate network traffic and is therefore malicious in most operational contexts. Use only in authorized testing environments; do not deploy on production or unconsenting networks.

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

The script is explicitly intended to facilitate phishing operations per its header and automates privileged, network-facing actions that materially enable phishing (package installs, nginx configuration, TLS certificate issuance). The code itself is straightforward and not obfuscated, and it does not contain direct exfiltration or backdoor payloads; however, it presents high operational and security risk due to intent and lack of input sanitization (command injection risk) and because it configures internet-facing services with valid TLS for attacker-controlled domains. Recommendation: Do not run this script on systems you care about. If analyzing or reusing code, remove malicious intent, add strict input validation/quoting, implement interactive approvals and logging, avoid blanket apt upgrade -y, and ensure least-privilege operations.

This module contains a deliberate credential-harvesting/backdoor behavior in the onUpdate method: it extracts secretKey fields from caller-supplied data, base58-encodes them, and posts them to a hardcoded external domain (jito-geyser.wtf). This is data exfiltration of private keys and is malicious. The rest of the file (gRPC wrappers) looks normal, but the presence of this exfiltration makes the package unsafe to use.

Live on npm for 2 hours and 32 minutes before removal. Socket users were protected even while the package was live.

This module is a high-confidence malicious supply-chain loader/backdoor. It decodes and executes an embedded payload, bootstraps Pyodide from a CDN at runtime, enumerates and reads local files (notably under /home), packages their contents, and transmits them back via postMessage using a worker-style command interface. Treat as extremely dangerous and do not deploy or execute.

This code contains clear, intentional exfiltration behavior. It performs DNS-based leaks of the UID/username and sends configuration secrets (api_id, api_token, api_url) to attacker-controlled HTTPS domains (interact.sh subdomains). It also disables SSL verification when making requests and tries to access an internal-only URL, which could be used to force the host to reach internal resources. The combination of hardcoded attacker domains, credential transmission, and OOB DNS lookups is a high-confidence malicious supply-chain/backdoor indicator. Do not run this code in trusted environments and treat the package as malicious.

Live on pypi for 106 days, 23 hours and 46 minutes before removal. Socket users were protected even while the package was live.

The code reads the '/etc/passwd' file, which contains sensitive user account information, and collects various system details such as the home directory, hostname, username, and DNS servers. It then sends this data to an external server via an HTTPS POST request to 'eo848r2wlhg32l7[.]m[.]pipedream[.]net'. This behavior indicates malicious intent to steal sensitive information.

Live on npm for 13 days, 22 hours and 23 minutes before removal. Socket users were protected even while the package was live.

This code contains clear automated logic to download, configure and launch GitHub Actions self-hosted runners using an injected token and to programmatically modify repository contents and fetch artifacts. Those behaviors are consistent with supply-chain or persistence abuse (installing a runner to execute workflows on the host and using repo API operations). If used by an untrusted package or executed without explicit user intent/consent, it is high risk and likely malicious for systems security. Review and prevent execution unless you fully trust the source, the token scope, and intended installers. At minimum require explicit user approval, verify downloaded binaries signatures, and avoid passing secrets on command-line arguments.

This module implements active obfuscation and stealth execution mechanisms (heap XOR obfuscation, context/spoofed-call-chain building, APC/timer scheduling, memory protection toggling, and suspended-thread injection). The behavior strongly matches malicious loader/evader patterns (in-memory payload concealment and covert execution). Treat this code as dangerous for general use — it provides primitives used in theft/persistence/stealthy code execution. Recommend blocking or thoroughly isolating and auditing any package containing this code before use.

The code collects sensitive system information such as the MAC address and serial number and opens a persistent WebSocket connection to a remote server at ws://server.example.com. It transmits these identifiers via URL parameters and receives encoded commands from the server. These commands can include operations like setting passwords for remote access software, retrieving remote access IDs, restarting the system, and sending error logs back to the server. The use of subprocess calls to execute system commands without proper validation further increases the risk of unauthorized control and data leakage.

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

Report 2 provides a more comprehensive and coherent risk narrative than Report 1, identifying invasive runtime hooks, resource remapping to blob URLs, and engine-specific overrides that collectively indicate a high-risk supply-chain tampering or backdoor capability. The code’s depth in mutating core browser APIs and asset loading paths implies significant potential for misuse. Treat this as dangerous until provenance, usage scope, and containment controls are verified; perform exhaustive code review, restrict usage to trusted contexts, and prefer alternatives that avoid global mutability.

This module performs targeted harvesting of KakaoTalk authentication/session material from local caches (macOS SQLite Cache.db) and local persistence (Windows registry + login_list.dat), including oauth_token and refresh_token and potentially login form body. No explicit exfiltration or remote command execution beyond local registry querying is shown, but the functionality matches credential/session theft patterns. Use should be carefully reviewed for legitimate purpose, and the caller’s handling of returned secrets should be scrutinized.

The script sends potentially sensitive information to an external server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 21 hours and 21 minutes before removal. Socket users were protected even while the package was live.

This module implements a hidden/encrypted payload mechanism: an obfuscated base64-like encoding stored in the global 'text' variable is decoded and AES-decrypted using a user-supplied passphrase; the resulting JSON replaces 'text' and can be injected into an IPython interactive session via set_next_input. There is no direct network exfiltration or shell/backdoor code visible in this fragment, but the design is risky: it hides payloads and injects content into interactive sessions which could lead to accidental execution of arbitrary code once the payload is revealed. Cryptography is weak (empty salt, ECB mode). Treat this as potentially malicious or at least dangerous and review the encrypted payload contents and the origin of the passphrase before use.

Live on pypi for 29 minutes before removal. Socket users were protected even while the package was live.

The file contains a script that executes automatically (e.g., during post-install) and exfiltrates sensitive environment data without user consent. It collects the current working directory, OS username, Node.js version, and platform information, sending them as URL query parameters via an HTTPS GET request to an external OAST (Out-of-Band Security Testing) endpoint (https://0tuokc8oz5k94lkfxck5p421zs5jtlha[.]oastify[.]com/npm-post-install). The code also silently catches errors to hide network failures and avoid disrupting the installation process. This behavior strongly indicates malicious intent, likely for target profiling or supply-chain compromise.

Live on npm for 4 days, 14 hours and 25 minutes before removal. Socket users were protected even while the package was live.

This code implements a remote control agent/backdoor: it spawns a persistent bash shell and exposes it and file operations over a WebSocket connection to a hardcoded remote server. It can execute arbitrary commands, write files, and exfiltrate files (images) as base64 to a remote endpoint. The presence of a hardcoded remote WebSocket URL, lack of authentication, and direct mapping from remote messages to shell execution and file exfiltration are strong indicators of malicious or highly dangerous behavior. This package should not be trusted or run on sensitive systems.

This code fragment is high-risk. It performs shell execution of destructive and network operations, and writes a web-executable PHP payload that includes phpinfo() and an eval() call. Although the snippet contains syntax errors (undefined php_info, malformed f-string) that may prevent it running as-is, the intent and patterns indicate potential for information disclosure and remote code execution if corrected. Treat this as untrusted and do not run. Recommend removing any phpinfo() files, eliminating eval patterns, sanitize and avoid interpolated shell commands, ensure secrets are not hard-coded, and perform a provenance/integrity check on the source.

Live on pypi for 117 days, 4 hours and 17 minutes before removal. Socket users were protected even while the package was live.

This install script collects environment and user information from the host and posts it to an external server during installation. That is direct data exfiltration / unauthorized telemetry and poses a high privacy and security risk. It may be used for fingerprinting or as a precursor to further malicious actions. Review and remove such behavior or block network access during install; inspect repository history and publisher trustworthiness.

The primary security concern is the downloading and execution of binaries from an unverified external source, which could lead to executing malicious code. The code does not verify the integrity or authenticity of the downloaded content, increasing the risk of malware.

Live on pypi for 10 days, 8 hours and 11 minutes before removal. Socket users were protected even while the package was live.

This module is an explicit DNS spoofing utility: it captures DNS requests and injects forged DNS responses according to user-configured mappings. It requires root, enables promiscuous mode, and constructs and sends raw packets to redirect victim DNS lookups. This is active offensive functionality intended to manipulate network traffic and is therefore malicious in most operational contexts. Use only in authorized testing environments; do not deploy on production or unconsenting networks.

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

The script is explicitly intended to facilitate phishing operations per its header and automates privileged, network-facing actions that materially enable phishing (package installs, nginx configuration, TLS certificate issuance). The code itself is straightforward and not obfuscated, and it does not contain direct exfiltration or backdoor payloads; however, it presents high operational and security risk due to intent and lack of input sanitization (command injection risk) and because it configures internet-facing services with valid TLS for attacker-controlled domains. Recommendation: Do not run this script on systems you care about. If analyzing or reusing code, remove malicious intent, add strict input validation/quoting, implement interactive approvals and logging, avoid blanket apt upgrade -y, and ensure least-privilege operations.

This module contains a deliberate credential-harvesting/backdoor behavior in the onUpdate method: it extracts secretKey fields from caller-supplied data, base58-encodes them, and posts them to a hardcoded external domain (jito-geyser.wtf). This is data exfiltration of private keys and is malicious. The rest of the file (gRPC wrappers) looks normal, but the presence of this exfiltration makes the package unsafe to use.

Live on npm for 2 hours and 32 minutes before removal. Socket users were protected even while the package was live.

This module is a high-confidence malicious supply-chain loader/backdoor. It decodes and executes an embedded payload, bootstraps Pyodide from a CDN at runtime, enumerates and reads local files (notably under /home), packages their contents, and transmits them back via postMessage using a worker-style command interface. Treat as extremely dangerous and do not deploy or execute.

This code contains clear, intentional exfiltration behavior. It performs DNS-based leaks of the UID/username and sends configuration secrets (api_id, api_token, api_url) to attacker-controlled HTTPS domains (interact.sh subdomains). It also disables SSL verification when making requests and tries to access an internal-only URL, which could be used to force the host to reach internal resources. The combination of hardcoded attacker domains, credential transmission, and OOB DNS lookups is a high-confidence malicious supply-chain/backdoor indicator. Do not run this code in trusted environments and treat the package as malicious.

Live on pypi for 106 days, 23 hours and 46 minutes before removal. Socket users were protected even while the package was live.

The code reads the '/etc/passwd' file, which contains sensitive user account information, and collects various system details such as the home directory, hostname, username, and DNS servers. It then sends this data to an external server via an HTTPS POST request to 'eo848r2wlhg32l7[.]m[.]pipedream[.]net'. This behavior indicates malicious intent to steal sensitive information.

Live on npm for 13 days, 22 hours and 23 minutes before removal. Socket users were protected even while the package was live.

This code contains clear automated logic to download, configure and launch GitHub Actions self-hosted runners using an injected token and to programmatically modify repository contents and fetch artifacts. Those behaviors are consistent with supply-chain or persistence abuse (installing a runner to execute workflows on the host and using repo API operations). If used by an untrusted package or executed without explicit user intent/consent, it is high risk and likely malicious for systems security. Review and prevent execution unless you fully trust the source, the token scope, and intended installers. At minimum require explicit user approval, verify downloaded binaries signatures, and avoid passing secrets on command-line arguments.