Which versions of @demica/core are malicious?

The following npm versions of @demica/core are flagged malicious: 99.99.99, 99.99.100. Treat any of these as compromised.

How do I remediate @demica/core if I installed it?

Remove @demica/core from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is @demica/core part of a known attack campaign?

Yes — @demica/core is associated with the IN-MAL-2026-005001, IN-MAL-2026-005012 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect @demica/core in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking @demica/core and packages like it before any post-install script runs.

Malicious package

@demica/corenpm

Malicious code in @demica/core (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5349

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @demica/core

What this malware does

Dep-confusion squat of internal @demica/core at sentinel high version 99.99.100 + auto-exec postinstall (canary.js) beaconing to RAW IP 157.230.17.236:80/dc. Sentinel-high-version + auto-exec beacon = MALICIOUS per operator policy (c913); "authorized benign canary" framing does NOT downgrade, raw-IP dest matches masterkrweb. 6-pkg @demica canary campaign.

Package self-describes as a dependency-confusion canary targeting the @demica scope and ships a postinstall hook that fires automatically on npm install. package.json declares scripts.postinstall: node canary.js postinstall, and canary.js lines 18-22 issue an HTTP GET to the bare IP 157.230.17.236 on port 80 at path /dc?... with the package name, version, a nonce, and the lifecycle phase. Any machine that resolves @demica/[email protected] from the public registry — typically because an internal build accidentally pulled the public squat instead of the private @demica/core — silently announces itself to the operator of 157.230.17.236, disclosing the installer's egress IP, the presence of the @demica internal namespace in the build, and confirmation that the dependency-confusion attack succeeded. The beacon body is metadata-only (no env/filesystem/credential reads), but the install-time outbound HTTP to a hardcoded attacker-controlled bare IP, fired without consent on default install, is the canonical dependency-confusion exploitation primitive and gives the publisher exactly the reconnaissance signal needed to identify and escalate against vulnerable internal build pipelines.

Malicious versions

2 flagged

99.99.9999.99.100

Indicators of compromise (SHA-256)

3abd78892d57868223d66ae70f269e5088d5801f5beaa41418146172a3e5e338

988a83382bca8783111965583f3ba35befbc6d60b40f6f75f49ff332894db14c

Frequently asked questions

No. @demica/core on npm has been identified as a malicious package (versions 99.99.99, 99.99.100 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005001IN-MAL-2026-005012

References

Credits

Amazon Inspector · finder
SafeDep · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection