mal-2026-4404
Vulnerability from ossf_malicious_packages
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (23e2b702fc2de01ebe69a6d2baa4766782db91842f096c04b4b5d019105cd91b)
@loans/vehicles-api is a dependency-confusion package targeting an internal @loans npm scope (claimed homepage docs.loans.io, README directs users to a private registry npm.loans.io) but published to the public npm registry with a malicious scripts/postinstall.js. On npm install, the postinstall script (1) downloads a per-OS payload from https://oob.moika.tech/payload/{linux,mac,win}, writes it to os.tmpdir() as._loans_init.sh/.bat, chmods 0755, and spawns it via /bin/sh or cmd.exe with no hash/signature verification — unconditional install-time remote code execution; (2) enumerates process.env for credential-shaped keys (npm_token, npm_config_authtoken, node_auth_token, npm_config__auth, github_token, aws_access_key_id, aws_secret_access_key, aws_session_token, artifactory_token, nexus_token) and POSTs the values to https://oob.moika.tech/report; (3) reads ~/.npmrc, /etc/npmrc,./.npmrc, and../.npmrc (which commonly contain registry _authToken entries) and exfiltrates their contents; (4) collects host fingerprint (hostname, username, platform, arch, cwd, node/npm versions, full PATH, CI flags) and self-identifies in the JSON payload as poc: 'dependency-confusion-npm'. The destination domain oob.moika.tech does not match the claimed publisher (loans.io). Any installer whose internal resolver selects this public version is fully compromised at install time.
Source: ghsa-malware (5d62d4ca15489ece64967213da844d77116eb713dd14885fcceddb4520c37086)
Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
{
"affected": [
{
"database_specific": {
"cwes": [
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
],
"indicators": {
"domains": [
"oob.moika.tech"
],
"evidence_files": [
{
"path": "scripts/postinstall.js",
"sha256": "648dea8db26cf6fed89edc5c5439308a167639ecd705961f3a6cfe41f3eeb15c",
"tlsh": "69c1c8db23fb913503d6b6eae91b6412e623b1033d05e9e4f95c41006f8a56c9673eec"
},
{
"path": "package.json",
"sha256": "881ca538e9616e59e52461732a9310b9ef33278e955416fe16557e04d4e3e49f",
"tlsh": "f5119b36c7398d3316d475e6e9a40502bd724d8b0849fd0c27c3101c4b8e0bb54be27e"
}
],
"package_integrity": [
{
"filename": "vehicles-api-9.9.10.tgz",
"hashes": {
"sha1": "ce2f10a57efd235fc7ea95e57e39f55c28eed211",
"sha512_sri": "sha512-c2HaN7NvzgDnnz945v2kIN0o529Qb64b+l/Ur5ldbxy1HNam43a/uvcaBLTmhXmqYxDNuuOr/8NEILwIhrvBlw=="
}
}
]
}
},
"package": {
"ecosystem": "npm",
"name": "@loans/vehicles-api"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "SEMVER"
}
],
"versions": [
"9.9.10"
]
}
],
"aliases": [
"GHSA-fp77-68vp-78c2"
],
"credits": [
{
"contact": [
"actran@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"id": "IN-MAL-2026-004710",
"import_time": "2026-05-26T05:53:08.063126991Z",
"modified_time": "2026-05-25T15:35:06Z",
"sha256": "051ff47d075020d6d8f069e226173699c0dd69727c77f40f6050c4bf6ec8cd2a",
"source": "amazon-inspector",
"versions": [
"9.9.10"
]
},
{
"id": "IN-MAL-2026-004709",
"import_time": "2026-05-26T05:53:07.942853962Z",
"modified_time": "2026-05-25T15:35:06Z",
"sha256": "23e2b702fc2de01ebe69a6d2baa4766782db91842f096c04b4b5d019105cd91b",
"source": "amazon-inspector",
"versions": [
"9.9.10"
]
},
{
"id": "GHSA-fp77-68vp-78c2",
"import_time": "2026-05-28T15:25:19.329681328Z",
"modified_time": "2026-05-28T13:39:44Z",
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "SEMVER"
}
],
"sha256": "5d62d4ca15489ece64967213da844d77116eb713dd14885fcceddb4520c37086",
"source": "ghsa-malware"
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (23e2b702fc2de01ebe69a6d2baa4766782db91842f096c04b4b5d019105cd91b)\n@loans/vehicles-api is a dependency-confusion package targeting an internal @loans npm scope (claimed homepage docs.loans.io, README directs users to a private registry npm.loans.io) but published to the public npm registry with a malicious scripts/postinstall.js. On `npm install`, the postinstall script (1) downloads a per-OS payload from https://oob.moika.tech/payload/{linux,mac,win}, writes it to os.tmpdir() as._loans_init.sh/.bat, chmods 0755, and spawns it via /bin/sh or cmd.exe with no hash/signature verification \u2014 unconditional install-time remote code execution; (2) enumerates process.env for credential-shaped keys (npm_token, npm_config_authtoken, node_auth_token, npm_config__auth, github_token, aws_access_key_id, aws_secret_access_key, aws_session_token, artifactory_token, nexus_token) and POSTs the values to https://oob.moika.tech/report; (3) reads ~/.npmrc, /etc/npmrc,./.npmrc, and../.npmrc (which commonly contain registry _authToken entries) and exfiltrates their contents; (4) collects host fingerprint (hostname, username, platform, arch, cwd, node/npm versions, full PATH, CI flags) and self-identifies in the JSON payload as `poc: \u0027dependency-confusion-npm\u0027`. The destination domain oob.moika.tech does not match the claimed publisher (loans.io). Any installer whose internal resolver selects this public version is fully compromised at install time.\n\n## Source: ghsa-malware (5d62d4ca15489ece64967213da844d77116eb713dd14885fcceddb4520c37086)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n",
"id": "MAL-2026-4404",
"modified": "2026-05-28T15:26:36Z",
"published": "2026-05-25T15:35:06Z",
"references": [
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@loans/vehicles-api/v/9.9.10"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-fp77-68vp-78c2"
}
],
"schema_version": "1.7.4",
"summary": "Malicious code in @loans/vehicles-api (npm)"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.