Secure your dependencies. Ship with confidence.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This file implements an unattended update mechanism that fetches and installs .tgz archives from unverified remote sources—both the npm registry (registry[.]npmjs[.]org) and a configurable Firebase-style database URL—by downloading, extracting them into the application directory and then restarting PM2-managed processes. Because there is no cryptographic signature or checksum validation beyond a simple version check, a compromised registry account or database endpoint could deliver arbitrary code to every host running this updater. Additionally, on startup the script gathers extensive system and package metadata—including public IP (via api[.]ipify[.]org), local IP addresses, hostname, OS/platform, Node.js version, CPU/memory statistics, load averages, working directory and package.json fields—and posts it to a configurable Discord webhook endpoint (discordapp[.]com). This behavior poses both a supply-chain risk and a telemetry/privacy exposure risk, as sensitive host information is sent to an external service without explicit user consent or granular control.

This file contains a backdoor that reads arbitrary local files (default: “./pk.txt”) via fs.promises.readFile and sends their contents as messages to an attacker-controlled Telegram chat. It issues HTTP POSTs to https://api[.]telegram[.]org/bot{hardcoded_token}/sendMessage with the file data in the text field, leveraging a hardcoded bot token and chat ID without any user consent or indication. This behavior is unauthorized data exfiltration of potentially sensitive wallet keys or other secrets.

Live on npm for 4 days, 5 hours and 43 minutes before removal. Socket users were protected even while the package was live.

The code is likely intended for exfiltrating sensitive information from an environment based on certain conditions. The use of an obfuscated domain and Base64 encoding, combined with the targeted filtering and lack of legitimate functionality, suggests malicious intent.

Live on npm for 1 minute before removal. Socket users were protected even while the package was live.

This module implements an unauthenticated network-accessible remote Python REPL / RCE backdoor. Any client able to connect can execute arbitrary Python code with the privileges of the running process, access files, spawn subprocesses, and exfiltrate data via the returned output. Treat this code as highly dangerous: do not run it in production or on sensitive hosts. If found in a dependency, remove or isolate it, rotate any credentials that may have been exposed, and investigate for abuse.

The code is suspicious as it retrieves update information from an unverified external source and uses 'execSync' to run shell commands, which could lead to remote code execution if the external content is compromised. Furthermore, the code attempts to forcibly update and reinstall packages which is not typical for secure update practices.

Live on npm for 8 minutes before removal. Socket users were protected even while the package was live.

Code exhibits suspicious behavior through detached process spawning and dynamic code execution via eval(). The spawned process runs independently and could persist after parent exits. While the eval'd code appears benign (just logging), the overall pattern suggests potential malicious intent or poor security practices.

Live on npm for 9 days, 18 hours and 39 minutes before removal. Socket users were protected even while the package was live.

The code contains a high probability of malicious behavior. It attempts to download and execute a file from an external source in the background without the user's knowledge. The use of subprocess with shell=True and the writing of an executable to a system-like path are indicative of a supply chain attack.

Live on PyPI for 16 days, 6 hours and 27 minutes before removal. Socket users were protected even while the package was live.

The file is a runtime loader/packer that decodes an embedded payload and executes it dynamically. Static evidence (open/read, unhexlify/decode, ''.join assembly, eval/exec, __import__, and function names implying execution/file operations) indicates high risk: the module is intentionally obfuscated and likely designed to execute unknown code at runtime. Treat as malicious/untrusted until the decoded payload is safely extracted and audited. Do NOT execute this code on production or non-isolated systems. Recommended next steps: extract and run the decode routine inside a fully-instrumented, network-isolated sandbox to capture the deobfuscated source and all runtime effects (file system, process execution, network connections), and then perform a detailed forensic review of the deobfuscated payload.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

The script is designed to send sensitive information from the local system to an external server, which is a serious security risk and indicative of malicious behavior.

Live on npm for 3 days, 9 hours and 37 minutes before removal. Socket users were protected even while the package was live.

This code intentionally installs and configures an SSH server, sets a root password provided as input, enables root/password SSH login, and opens a remote-access tunnel using ngrok with the provided authtoken. These actions create a high-risk remote backdoor and represent a significant supply-chain and operational security hazard (downloading and executing a remote binary without verification, changing system account credentials, and exposing port 22 to the internet). Even if the intended use is legitimate (remote development), the code is not safe and should not be executed in sensitive environments. Recommend not using this package or only running under tightly controlled, isolated, audited environments with trusted binaries and authtokens.

The code attempts to exfiltrate sensitive system information, including potentially sensitive data from the /etc/passwd file, to a remote endpoint. The use of 'rejectUnauthorized: false' and the construction of the endpoint URL using system variables adds to the suspicious nature of the code. Therefore, the security risk is high.

Live on npm for 2 minutes before removal. Socket users were protected even while the package was live.

This code uses sophisticated obfuscation techniques (string reversal, base64 encoding, and zlib compression) to hide malicious functionality. The use of exec() to run dynamically generated code from an obfuscated payload is a clear security risk. This pattern is commonly used in malware to evade detection and execute harmful operations. The code should be considered malicious and should not be executed.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This module performs immediate, unsolicited collection of local environment and package metadata and transmits it to a hard-coded external domain. The behavior is covert (silent error handling), executed on module load (no opt-in), and transmits potentially sensitive information. This is consistent with malicious or privacy-invasive telemetry/exfiltration. Treat the package as malicious/untrusted: remove it from environments, audit systems where it was installed, and rotate any credentials that may have been exposed. Block the indicated domain and investigate outbound connections.

Live on npm for 2 days, 7 hours and 53 minutes before removal. Socket users were protected even while the package was live.

This code is malicious malware performing unauthorized data theft and exfiltration of sensitive system information. It poses a severe security risk and should be considered dangerous. The code is not obfuscated but is clearly designed to steal and leak data to an attacker-controlled endpoint.

Live on npm for 4 hours and 51 minutes before removal. Socket users were protected even while the package was live.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

The code contains a critical security vulnerability: dynamic execution of remotely fetched code via eval(), enabling arbitrary remote code execution. This behavior is highly suspicious and constitutes a severe supply chain security risk. The obfuscation and retry mechanisms further indicate potential malicious intent. The package should be considered dangerous and untrusted unless the remote code source is fully controlled and verified. Immediate remediation or removal is recommended.

Live on npm for 2 days, 15 hours and 57 minutes before removal. Socket users were protected even while the package was live.

Malicious bash initialization script that performs destructive filesystem operations on macOS systems. When the external helper script 'isuserdarwin.sh' returns true, the script silently executes 'sudo rm -rf' to delete critical user directories including ~/Applications, ~/Movies, ~/Music, ~/Pictures, ~/Public, and ~/Sites without user confirmation. It also removes the macOS sleepimage file at /private/var/vm/sleepimage. The script modifies SSH directory permissions using 'sudo chmod -R go-rw' which can break SSH access or expose credentials. All destructive operations have their output suppressed with '>/dev/null 2>&1' to hide failures and make the actions stealthy. The script uses eval to execute the output of /usr/bin/dircolors, creating a command injection risk if the binary is compromised. It depends on external scripts (paper.sh, isuserdarwin.sh, debug.sh) whose contents are unknown and could execute arbitrary code. The destructive operations are embedded within what appears to be routine shell configuration code, likely to disguise the malicious intent.

The code shows strong indicators of potential hidden payload delivery and runtime code execution via embedded resources and Python integration. While some parts may serve legitimate device communication, the presence of resource-driven decryption, dynamic Python execution, and extensive obfuscation constitutes a credible security risk and potential backdoor vector in a public package. This warrants caution, thorough integrity checks, and isolation/auditing of embedded resources and Python payloads before deploying or including this library in a dependency tree.

This code uses encryption to obfuscate and hide its true functionality, then executes the hidden code. This is a classic pattern used in malware and malicious scripts to evade detection. The use of exec() on decrypted content is extremely dangerous as it allows arbitrary code execution. Without being able to inspect the decrypted payload, this code should be considered high risk and potentially malicious.

Live on PyPI for 6 days, 16 hours and 10 minutes before removal. Socket users were protected even while the package was live.

The script is designed to create a reverse shell to a remote server, which poses a significant security risk and is considered malware.

Live on npm for 1 hour and 41 minutes before removal. Socket users were protected even while the package was live.

This module is an exploit script that builds a classical buffer overflow payload (padding + controlled EIP + NOP sled + embedded shellcode) and transmits it to a target FTP server via the USER command on port 21. The code is offensive in nature and poses a high risk if present in a dependency. Do not run it against systems without explicit authorization; remove or isolate it and analyze the embedded shellcode in a controlled environment if necessary.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This file implements an unattended update mechanism that fetches and installs .tgz archives from unverified remote sources—both the npm registry (registry[.]npmjs[.]org) and a configurable Firebase-style database URL—by downloading, extracting them into the application directory and then restarting PM2-managed processes. Because there is no cryptographic signature or checksum validation beyond a simple version check, a compromised registry account or database endpoint could deliver arbitrary code to every host running this updater. Additionally, on startup the script gathers extensive system and package metadata—including public IP (via api[.]ipify[.]org), local IP addresses, hostname, OS/platform, Node.js version, CPU/memory statistics, load averages, working directory and package.json fields—and posts it to a configurable Discord webhook endpoint (discordapp[.]com). This behavior poses both a supply-chain risk and a telemetry/privacy exposure risk, as sensitive host information is sent to an external service without explicit user consent or granular control.

This file contains a backdoor that reads arbitrary local files (default: “./pk.txt”) via fs.promises.readFile and sends their contents as messages to an attacker-controlled Telegram chat. It issues HTTP POSTs to https://api[.]telegram[.]org/bot{hardcoded_token}/sendMessage with the file data in the text field, leveraging a hardcoded bot token and chat ID without any user consent or indication. This behavior is unauthorized data exfiltration of potentially sensitive wallet keys or other secrets.

Live on npm for 4 days, 5 hours and 43 minutes before removal. Socket users were protected even while the package was live.

The code is likely intended for exfiltrating sensitive information from an environment based on certain conditions. The use of an obfuscated domain and Base64 encoding, combined with the targeted filtering and lack of legitimate functionality, suggests malicious intent.

Live on npm for 1 minute before removal. Socket users were protected even while the package was live.

This module implements an unauthenticated network-accessible remote Python REPL / RCE backdoor. Any client able to connect can execute arbitrary Python code with the privileges of the running process, access files, spawn subprocesses, and exfiltrate data via the returned output. Treat this code as highly dangerous: do not run it in production or on sensitive hosts. If found in a dependency, remove or isolate it, rotate any credentials that may have been exposed, and investigate for abuse.

The code is suspicious as it retrieves update information from an unverified external source and uses 'execSync' to run shell commands, which could lead to remote code execution if the external content is compromised. Furthermore, the code attempts to forcibly update and reinstall packages which is not typical for secure update practices.

Live on npm for 8 minutes before removal. Socket users were protected even while the package was live.

Code exhibits suspicious behavior through detached process spawning and dynamic code execution via eval(). The spawned process runs independently and could persist after parent exits. While the eval'd code appears benign (just logging), the overall pattern suggests potential malicious intent or poor security practices.

Live on npm for 9 days, 18 hours and 39 minutes before removal. Socket users were protected even while the package was live.

The code contains a high probability of malicious behavior. It attempts to download and execute a file from an external source in the background without the user's knowledge. The use of subprocess with shell=True and the writing of an executable to a system-like path are indicative of a supply chain attack.

Live on PyPI for 16 days, 6 hours and 27 minutes before removal. Socket users were protected even while the package was live.

The file is a runtime loader/packer that decodes an embedded payload and executes it dynamically. Static evidence (open/read, unhexlify/decode, ''.join assembly, eval/exec, __import__, and function names implying execution/file operations) indicates high risk: the module is intentionally obfuscated and likely designed to execute unknown code at runtime. Treat as malicious/untrusted until the decoded payload is safely extracted and audited. Do NOT execute this code on production or non-isolated systems. Recommended next steps: extract and run the decode routine inside a fully-instrumented, network-isolated sandbox to capture the deobfuscated source and all runtime effects (file system, process execution, network connections), and then perform a detailed forensic review of the deobfuscated payload.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

The script is designed to send sensitive information from the local system to an external server, which is a serious security risk and indicative of malicious behavior.

Live on npm for 3 days, 9 hours and 37 minutes before removal. Socket users were protected even while the package was live.

This code intentionally installs and configures an SSH server, sets a root password provided as input, enables root/password SSH login, and opens a remote-access tunnel using ngrok with the provided authtoken. These actions create a high-risk remote backdoor and represent a significant supply-chain and operational security hazard (downloading and executing a remote binary without verification, changing system account credentials, and exposing port 22 to the internet). Even if the intended use is legitimate (remote development), the code is not safe and should not be executed in sensitive environments. Recommend not using this package or only running under tightly controlled, isolated, audited environments with trusted binaries and authtokens.

The code attempts to exfiltrate sensitive system information, including potentially sensitive data from the /etc/passwd file, to a remote endpoint. The use of 'rejectUnauthorized: false' and the construction of the endpoint URL using system variables adds to the suspicious nature of the code. Therefore, the security risk is high.

Live on npm for 2 minutes before removal. Socket users were protected even while the package was live.

This code uses sophisticated obfuscation techniques (string reversal, base64 encoding, and zlib compression) to hide malicious functionality. The use of exec() to run dynamically generated code from an obfuscated payload is a clear security risk. This pattern is commonly used in malware to evade detection and execute harmful operations. The code should be considered malicious and should not be executed.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This module performs immediate, unsolicited collection of local environment and package metadata and transmits it to a hard-coded external domain. The behavior is covert (silent error handling), executed on module load (no opt-in), and transmits potentially sensitive information. This is consistent with malicious or privacy-invasive telemetry/exfiltration. Treat the package as malicious/untrusted: remove it from environments, audit systems where it was installed, and rotate any credentials that may have been exposed. Block the indicated domain and investigate outbound connections.

Live on npm for 2 days, 7 hours and 53 minutes before removal. Socket users were protected even while the package was live.

This code is malicious malware performing unauthorized data theft and exfiltration of sensitive system information. It poses a severe security risk and should be considered dangerous. The code is not obfuscated but is clearly designed to steal and leak data to an attacker-controlled endpoint.

Live on npm for 4 hours and 51 minutes before removal. Socket users were protected even while the package was live.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

The code contains a critical security vulnerability: dynamic execution of remotely fetched code via eval(), enabling arbitrary remote code execution. This behavior is highly suspicious and constitutes a severe supply chain security risk. The obfuscation and retry mechanisms further indicate potential malicious intent. The package should be considered dangerous and untrusted unless the remote code source is fully controlled and verified. Immediate remediation or removal is recommended.

Live on npm for 2 days, 15 hours and 57 minutes before removal. Socket users were protected even while the package was live.

Malicious bash initialization script that performs destructive filesystem operations on macOS systems. When the external helper script 'isuserdarwin.sh' returns true, the script silently executes 'sudo rm -rf' to delete critical user directories including ~/Applications, ~/Movies, ~/Music, ~/Pictures, ~/Public, and ~/Sites without user confirmation. It also removes the macOS sleepimage file at /private/var/vm/sleepimage. The script modifies SSH directory permissions using 'sudo chmod -R go-rw' which can break SSH access or expose credentials. All destructive operations have their output suppressed with '>/dev/null 2>&1' to hide failures and make the actions stealthy. The script uses eval to execute the output of /usr/bin/dircolors, creating a command injection risk if the binary is compromised. It depends on external scripts (paper.sh, isuserdarwin.sh, debug.sh) whose contents are unknown and could execute arbitrary code. The destructive operations are embedded within what appears to be routine shell configuration code, likely to disguise the malicious intent.

The code shows strong indicators of potential hidden payload delivery and runtime code execution via embedded resources and Python integration. While some parts may serve legitimate device communication, the presence of resource-driven decryption, dynamic Python execution, and extensive obfuscation constitutes a credible security risk and potential backdoor vector in a public package. This warrants caution, thorough integrity checks, and isolation/auditing of embedded resources and Python payloads before deploying or including this library in a dependency tree.

This code uses encryption to obfuscate and hide its true functionality, then executes the hidden code. This is a classic pattern used in malware and malicious scripts to evade detection. The use of exec() on decrypted content is extremely dangerous as it allows arbitrary code execution. Without being able to inspect the decrypted payload, this code should be considered high risk and potentially malicious.

Live on PyPI for 6 days, 16 hours and 10 minutes before removal. Socket users were protected even while the package was live.

The script is designed to create a reverse shell to a remote server, which poses a significant security risk and is considered malware.

Live on npm for 1 hour and 41 minutes before removal. Socket users were protected even while the package was live.

This module is an exploit script that builds a classical buffer overflow payload (padding + controlled EIP + NOP sled + embedded shellcode) and transmits it to a target FTP server via the USER command on port 21. The code is offensive in nature and poses a high risk if present in a dependency. Do not run it against systems without explicit authorization; remove or isolate it and analyze the embedded shellcode in a controlled environment if necessary.