
Devs in search of OpenClaw get served a GhostClaw RAT

A malicious npm package posing as an OpenClaw installer has been caught deploying a remote access trojan (RAT) on victim machines, according to new JFrog research.

The package, published under the name “@openclaw-ai/openclawai”, pretends to be an installer for the legitimate CLI tool but instead launches a multi-stage infection chain that steals system credentials, browser data, cryptocurrency wallets, SSH keys, and Apple Keychain databases before establishing persistence.

“The attack is notable for its broad data collection, its use of social engineering to harvest the victim’s system password, and the sophistication of its persistence and C2 infrastructure,” JFrog researchers said in a blog post.

Internally, the malware identified itself as “GhostLoader.”

Social engineering for harvesting credentials

Researchers explained that the published package includes a safe-looking JavaScript utility and typical project metadata, hiding the malicious logic in its “scripts” directory.

The trigger occurs during installation. A postinstall script installs the package globally, ensuring the attacker-controlled binary lands on the system PATH. This binary then launches an obfuscated setup script that acts as the first-stage dropper. On execution, the dropper displays what appears to be a legitimate command-line installer with animated progress bars and system messages.


However, behind the scenes, the malware concurrently fetches a second-stage payload from a remote server.

As the fake installation sequence finishes, the user is prompted to provide administrator credentials, which are validated against the operating system. Up to five attempts are allowed, and “Failed attempts show ‘Authentication failed. Please try again.’ – exactly mimicking real OS behavior,” researchers added.

While the user believes the installation has completed normally, the actual payload continues executing silently in the background.

From password theft to persistence

The second-stage malware, internally known as “GhostLoader,” is a large JavaScript bundle implementing both an infostealer and a remote access framework. Once launched, GhostLoader installs itself into a hidden directory disguised as an npm telemetry service and sets up persistence mechanisms, which include shell configuration hooks that automatically relaunch the malware if it stops running.

In parallel, the malware begins harvesting sensitive data across the system. According to the researchers, the payload targets browser credentials, saved cookies, SSH keys, cryptocurrency wallets, Apple Keychain data, and personal application data such as iMessage history and email files.


The malware also has a RAT component that allows remote operators to route traffic through the infected machine using a SOCKS5 proxy and even clone active browser sessions, allowing attackers to impersonate users in real time.

The campaign includes several anti-forensics techniques designed to evade detection and analysis. The GhostClaw payload hides its behavior through heavy obfuscation and staged execution, decrypting key components only at runtime and removing temporary artifacts generated during the installation process.

JFrog researchers noted that the campaign marks another abuse of npm’s ability to execute install scripts. They advised developers to treat npm packages that request system credentials, execute postinstall scripts, or download external payloads during installation as suspicious, and recommended installing developer tools only from verified or official sources.
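The install-time chain described above (a postinstall hook that self-installs globally and launches a setup script) and the advice here can be turned into a pre-install check. The following is an added example written for this article, not JFrog's tooling or the malicious package's code; the package.json it inspects is constructed to resemble the described pattern, and the indicator list is an assumption about what a reviewer would flag.

```javascript
// Audit a package manifest for npm lifecycle scripts that run during
// `npm install`, the mechanism this campaign abused, and flag the
// behaviours the article calls suspicious. Added example, not project code.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Assumed indicator patterns; tune them to your own review policy.
const INDICATORS = [
  { name: "global-install",    re: /\bnpm\s+(install|i)\b[^\n]*\s-g\b|--global\b/ },
  { name: "remote-fetch",      re: /\b(curl|wget)\b|https?:\/\// },
  { name: "credential-prompt", re: /\b(sudo|password|passwd)\b/i },
  { name: "dynamic-eval",      re: /\beval\(|\bFunction\(|\batob\(/ },
];

// Returns one finding per install-time hook present in the manifest,
// with the names of any indicators its command matched.
function auditInstallScripts(manifest) {
  const scripts = manifest.scripts || {};
  const findings = [];
  for (const hook of INSTALL_HOOKS) {
    const cmd = scripts[hook];
    if (!cmd) continue;
    const indicators = INDICATORS.filter(i => i.re.test(cmd)).map(i => i.name);
    findings.push({ hook, cmd, indicators });
  }
  return findings;
}

// True when any install-time hook matches at least one indicator.
function hasInstallTimeRisk(manifest) {
  return auditInstallScripts(manifest).some(f => f.indicators.length > 0);
}

// CONSTRUCTED manifest mirroring the chain in the article: a postinstall
// hook that installs the package globally and runs a setup script.
const SAMPLE_MANIFEST = {
  name: "example-installer",
  version: "1.0.0",
  scripts: {
    test: "node test.js",
    postinstall: "npm install -g . && node scripts/setup.js",
  },
};

console.log(JSON.stringify(auditInstallScripts(SAMPLE_MANIFEST), null, 2));
console.log("Install-time risk:", hasInstallTimeRisk(SAMPLE_MANIFEST));
```

Running the check in CI before dependencies are installed, or installing with `npm install --ignore-scripts` and reviewing flagged hooks by hand, keeps a postinstall script from executing before anyone has looked at it.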
