Which versions of @orion-design-system/store are malicious?

The following npm versions of @orion-design-system/store are flagged malicious: 9999.0.0, 9999.0.1, 9999.0.2. Treat any of these as compromised.

How do I remediate @orion-design-system/store if I installed it?

@orion-design-system/store is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed @orion-design-system/store — how do I know if it already compromised me?

If @orion-design-system/store was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is @orion-design-system/store part of a known attack campaign?

Yes — @orion-design-system/store is associated with the IN-MAL-2026-005263, IN-MAL-2026-005276, IN-MAL-2026-005264, IN-MAL-2026-005273, IN-MAL-2026-005275, IN-MAL-2026-005274 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find @orion-design-system/store across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @orion-design-system/store (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @orion-design-system/store across your stack and pipelines.

Malicious package

@orion-design-system/storenpm

Malicious code in @orion-design-system/store (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5524

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @orion-design-system/store

What this malware does

package.json declares a preinstall script that runs on every npm install. The script uses node -e to require os and https, reads os.hostname() and os.userInfo().username, and exfiltrates them to d8kn5vlt5p5h1j34mbcgbx1nffwjobfoh.oast.fun (an Interactsh OAST callback host) via both an HTTPS GET with the values in the query string and a DNS lookup with the hostname embedded in the subdomain. The package combines this active exfiltration with a textbook Alex Birsan dependency-confusion shape: an internal-looking scope (@orion-design-system), an absurdly high version (9999.0.0) designed to win version resolution against a private registry, and a README that explicitly names the target organization (Cloud Imperium Games / Roberts Space Industries). Any build system misconfigured to resolve the public copy over a private internal package will leak host identifiers to the attacker-controlled OAST endpoint at install time. 'Authorized research' framing in the README does not neutralize the install-time payload — the script fires unconditionally on any installer that resolves this package.

Malicious versions

3 flagged

9999.0.09999.0.19999.0.2

Indicators of compromise (SHA-256)

18c29b2dcc4ee4794aa7b5a1199b5775d54d56eec361d95720af15dc1ddd7916

9815f5aa81bcd030a391df30c297ef8fdfe95111569b4d2b77e5aeba1d2183d9

1b337743ad6e42e473396da2514abe56ba198f0776eaf2c7583335007066472e

32e10728cad830e305f8b7884fd0577b993901223cb5e658620f73d397a3355c

4218505b74ba258cea12df713bbc27db9fa58d6660cf83e6d0c5fd8a9f68a4c2

69f8ac78836d4508d6c1647cceec0814cd41da0cdf862199e2e4b7d9dccb8944

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @orion-design-system/store (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @orion-design-system/store across your stack and pipelines.
If you installed it — respond
@orion-design-system/store is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If @orion-design-system/store was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks @orion-design-system/store before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. @orion-design-system/store on npm has been identified as a malicious package (versions 9999.0.0, 9999.0.1, 9999.0.2 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005263IN-MAL-2026-005276IN-MAL-2026-005264IN-MAL-2026-005273IN-MAL-2026-005275IN-MAL-2026-005274

References

Credits

Amazon Inspector · finder

Detect & block this

O3 blocks @orion-design-system/store-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring