What does the @resolvx/core malware do?

On `npm install`, scripts/postinstall.js connects to a hardcoded attacker IP (http://213.218.160.189:8080, fallback:80), sends a base64-encoded host fingerprint (hostname, username, platform, arch) as the `q` query parameter, optionally XOR-decrypts the HTTP response with an embedded hex key, writes the decrypted bytes to a hidden file (`.node_ .js`) under /tmp or %LOCALAPPDATA%/Temp, spawns it as a detached Node process with stdio ignored and windowsHide set, calls unref(), and deletes the staging file ~5 seconds later. The script also performs anti-analysis checks (scans `tasklist` for wireshark/fiddler/procmon/x64dbg/ida), introduces a randomized 0.5–2.5s start delay, and skips execu

Which versions of @resolvx/core are malicious?

The following npm versions of @resolvx/core are flagged malicious: 1.0.0, 2.4.1, 2.4.2. Treat any of these as compromised.

How do I remediate @resolvx/core if I installed it?

@resolvx/core is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed @resolvx/core — how do I know if it already compromised me?

If @resolvx/core was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is @resolvx/core part of a known attack campaign?

Yes — @resolvx/core is associated with the IN-MAL-2026-006651, IN-MAL-2026-006650, IN-MAL-2026-006652, IN-MAL-2026-006649 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find @resolvx/core across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @resolvx/core (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @resolvx/core across your stack and pipelines.

Malicious package

@resolvx/corenpm

Malicious code in @resolvx/core (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5798

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @resolvx/core

What this malware does

On npm install, scripts/postinstall.js connects to a hardcoded attacker IP (http://213.218.160.189:8080, fallback:80), sends a base64-encoded host fingerprint (hostname, username, platform, arch) as the q query parameter, optionally XOR-decrypts the HTTP response with an embedded hex key, writes the decrypted bytes to a hidden file (.node_<rand>.js) under /tmp or %LOCALAPPDATA%/Temp, spawns it as a detached Node process with stdio ignored and windowsHide set, calls unref(), and deletes the staging file ~5 seconds later. The script also performs anti-analysis checks (scans tasklist for wireshark/fiddler/procmon/x64dbg/ida), introduces a randomized 0.5–2.5s start delay, and skips execution when npm_config_dry_run is set to evade dry-run inspection. The combination of plaintext HTTP fetch from a bare IP, payload decryption, hidden filename staging, detached background execution, and anti-analysis gating is a textbook install-time dropper that yields full code execution on the installer's machine and exfiltrates host identification to the attacker for follow-on targeting.

Malicious versions

3 flagged

1.0.02.4.12.4.2

Indicators of compromise (SHA-256)

052d246b7ece22aa1b8e1a365e8c56a7655f5bb9136c946c93491d3f45bad6fc

4639df1cd39850efb8106cbc5ecf3648f386c0cc5cff6c457d90f6a4d569cef0

c4a11c4df96cafcd14b258bbd044e008dc789bf4860930df33ce06bac5b22372

c616f535bbbe417cfb9a1e54c6c98a9a40c2631ce26c3209ab5b43bc05ae4aec

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @resolvx/core (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @resolvx/core across your stack and pipelines.
If you installed it — respond
@resolvx/core is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If @resolvx/core was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks @resolvx/core before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. @resolvx/core on npm has been identified as a malicious package (versions 1.0.0, 2.4.1, 2.4.2 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006651IN-MAL-2026-006650IN-MAL-2026-006652IN-MAL-2026-006649

References

Credits

Amazon Inspector · finder

Detect & block this

O3 blocks @resolvx/core-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring