MAL-2026-6242

Malicious code in atlasora-types (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (7af2118f668c8e39caf15aeb52d365083d5bc6b9c1ae4d9ff6d007d348ba8b9e)

On `npm install`, the package runs install.js via the postinstall lifecycle hook. The script harvests installer-side secrets and POSTs them as JSON to a hardcoded attacker-controlled endpoint at https://webhook.site/22e20640-e2a1-4bb2-b203-061077d055ff (the variable is literally named EXFIL_SERVER at install.js:11). Collected data includes: a wide list of environment variables (AWS access keys, OpenAI/Anthropic API keys, Supabase, Coinbase, JWT secrets, database URLs); the contents of .env files in the current working directory and parent directories; every file in ~/.ssh whose contents contain 'PRIVATE' or 'KEY' (private SSH keys); ~/.aws/credentials; ~/.npmrc (including auth tokens); and git config. Host identity (os.hostname(), os.userInfo()) and command output via execSync are also gathered.

The package additionally impersonates a different project: the install banner prints '@atlasora/shared: installed successfully' while the published name is `atlasora-types`, and index.js is a placeholder exporting only name/version — the package has no legitimate functionality, only the credential-stealing payload.

Affected packages

npm / atlasora-types

No fixed version published yet for atlasora-types (npm). Pin to a known-safe version or switch to an alternative.
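
As an added example (not code from this advisory or from the package), the check below looks for the package and for install-time lifecycle scripts in a parsed `package-lock.json` (lockfileVersion 2 or 3). The sample lockfile, its versions and the other package names are constructed.

```javascript
// Added example: audit a parsed package-lock.json (lockfileVersion 2 or 3)
// for the package named in this advisory and for install-time scripts.
const FLAGGED = new Set(["atlasora-types"]); // name from this advisory

// Secrets the advisory says install.js collects; rotate these on a hit.
const ROTATE = [
  "environment variables (AWS, OpenAI/Anthropic, Supabase, Coinbase, JWT, database URLs)",
  ".env files in the working directory and its parents",
  "private keys in ~/.ssh",
  "~/.aws/credentials",
  "~/.npmrc auth tokens",
];

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function packageName(lockPath, entry) {
  if (entry.name) return entry.name; // recorded when the folder name differs (aliases)
  const marker = "node_modules/";
  const i = lockPath.lastIndexOf(marker);
  return i === -1 ? lockPath : lockPath.slice(i + marker.length);
}

function auditLockfile(lock) {
  const report = { flagged: [], installScripts: [], rotate: [] };
  for (const [lockPath, entry] of Object.entries(lock.packages || {})) {
    if (lockPath === "") continue; // root project entry
    const name = packageName(lockPath, entry);
    const item = { name, version: entry.version, path: lockPath };
    if (FLAGGED.has(name)) report.flagged.push(item);
    // npm sets hasInstallScript for preinstall/install/postinstall scripts
    if (entry.hasInstallScript === true) report.installScripts.push(item);
  }
  if (report.flagged.length > 0) report.rotate = ROTATE.slice();
  return report;
}

// Constructed sample lockfile (versions and the other packages are made up).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/atlasora-types": { version: "0.0.0-sample", hasInstallScript: true },
    "node_modules/@example/native-addon": { version: "2.1.0", hasInstallScript: true },
    "node_modules/left-pad-sample": { version: "1.3.0" },
  },
};

console.log(JSON.stringify(auditLockfile(SAMPLE_LOCK), null, 2));
```

Pass it `JSON.parse` of your own `package-lock.json`. Installing with `npm ci --ignore-scripts` keeps lifecycle hooks such as this postinstall from running.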

References