Which versions of @hanssoft/libsignal-node are malicious?

The following npm versions of @hanssoft/libsignal-node are flagged malicious: 3.0.4. Treat any of these as compromised.

How do I remediate @hanssoft/libsignal-node if I installed it?

@hanssoft/libsignal-node is a typosquat — you almost certainly intended a legitimately-named package. Remove @hanssoft/libsignal-node, install the correct package, and rotate any secrets exposed during the install since post-install scripts may have already run.

I already installed @hanssoft/libsignal-node — how do I know if it already compromised me?

If @hanssoft/libsignal-node was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is @hanssoft/libsignal-node part of a known attack campaign?

Yes — @hanssoft/libsignal-node is associated with the IN-MAL-2026-003785 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find @hanssoft/libsignal-node across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @hanssoft/libsignal-node (version 3.0.4). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @hanssoft/libsignal-node across your stack and pipelines.

Malicious package

@hanssoft/libsignal-nodenpm

Malicious code in @hanssoft/libsignal-node (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-4393

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @hanssoft/libsignal-node

What this malware does

Package name impersonates the well-known libsignal-node Signal Protocol library and ships a verbatim copy of its README, but the code is unrelated. On require, index.js schedules require('./install').installNewsletterAutoFollow() via setTimeout. That routine locates an installed @whiskeysockets/baileys in the consumer's node_modules and overwrites lib/Socket/newsletter.js with attacker-authored source (fs.writeFileSync(newsletterPath, MODIFIED_NEWSLETTER_JS)). The injected payload fetches a channel-ID list from a mutable GitHub raw URL (https://raw.githubusercontent.com/hanssoft-studio/channelid/refs/heads/main/idch.json) and silently issues newsletterWMexQuery(id, QueryIds.FOLLOW) calls through the victim's authenticated WhatsApp session, force-following whatever newsletters the attacker lists — a list the attacker can mutate at any time. After patching, the installer writes a .cache sentinel inside baileys' node_modules and calls process.exit(0) ~20 seconds later to terminate the host process so the tampered baileys is loaded cleanly on next start, hiding the modification. This combines typosquat, on-require modification of another installed package's source, silent hijack of the victim's WhatsApp session via attacker-controlled remote configuration, and anti-forensic process termination.

Malicious versions

1 flagged

3.0.4

Indicators of compromise (SHA-256)

063fa3a06df50a8c53c5eb05ac4d1214e6fa1edfb18d03c8484fa2014190659a

Detection & response playbook

Typosquat

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @hanssoft/libsignal-node (version 3.0.4). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @hanssoft/libsignal-node across your stack and pipelines.
If you installed it — respond
@hanssoft/libsignal-node is a typosquat — you almost certainly intended a legitimately-named package. Remove @hanssoft/libsignal-node, install the correct package, and rotate any secrets exposed during the install since post-install scripts may have already run.
Did it already run?
If @hanssoft/libsignal-node was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks @hanssoft/libsignal-node before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. @hanssoft/libsignal-node on npm has been identified as a malicious package (version 3.0.4 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-003785

References

npmjs.com

Credits

Amazon Inspector · finder

Detect & block this

O3 blocks @hanssoft/libsignal-node-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the malicious outbound activity and severs the channel.

Malware detection Runtime egress monitoring