@longzy/react-native-polyfill (npm)
Malicious code in @longzy/react-native-polyfill (npm). Remove it immediately and rotate any exposed credentials.
What this malware does
This npm package is purpose-built malware that exfiltrates host information and environment secrets. It runs as a postinstall hook (the keyword "postinstall" is obfuscated in the code) and bails immediately if npm_package_name is unset, confirming it only fires during npm install. After a randomized 15-45 second delay it collects host info (hostname, username, platform, Node version, non-internal IPs, and the registry URL) and dumps the entire process.env -- which in CI and developer environments routinely contains tokens, AWS keys, and other secrets -- then POSTs it all to an attacker-controlled endpoint.

The C2 destination is obfuscated two ways: the host decoder (reverse + subtract 7) yields open.feishu.cn, and the payload is formatted as a Feishu/Lark bot webhook message (msg_type: "text"), so stolen data lands in an attacker's Lark chat. The exfiltration path is XOR-decoded with the key "Zk9x".

The bulk of the code is anti-analysis: it silently calls process.exit(0) if it detects any of the following:
- honeypot canary tokens (AKIAIOSFODNN7EXAMPLE and the matching AWS example secret, fake-token regexes like F4k3T0k3n, "honey")
- researcher/sandbox env vars and prefixes (DetonationLogFilePath, PYPI_POISON_HONEY_TOKEN, THREAT_ANALYZER_MODEL, ASPECT_TLOG, and prefix scans for SANDYCLAW_, OPENCLAW_, PERMISO_, CHAINRADAR_)
- a resolved-registry string containing "supplysec"
- NODE_OPTIONS with a --require hook
- mock CA paths under /tmp/mock
- the NODE_TLS_REJECT_UNAUTHORIZED/profiling combo
- 3 or more CI providers set at once (GitHub Actions, GitLab, CircleCI, Buildkite)
- sandbox hostnames (detonat|cuckoo|virus|scan|chainradar)
- sandbox usernames (sandbox, malware, scan, etc.)
- a HOME path containing "openclaw"

The char-code/XOR/reverse encoding and the "Build Environment Telemetry" comments exist purely to hide the env-var names, the C2 host, and the path from casual review and log scanners.
Malicious versions
Every published version of this package is considered malicious — remove it entirely.
Detection & response playbook
Credential / info stealer
Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @longzy/react-native-polyfill (all published versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @longzy/react-native-polyfill across your stack and pipelines.
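One way to do the lockfile check yourself, as an added example that is not O3 Security's scanner or code from the package: a small Node script that walks package-lock.json (both the v1 nested "dependencies" layout and the v2/v3 flat "packages" layout) and does a line-anchored match on the text formats of yarn.lock and pnpm-lock.yaml. The sample lockfiles are constructed, the version "1.0.3" is a placeholder (every published version is malicious), and the helper names are this example's own.

```javascript
// Added example (not O3 Security's scanner or the package's own code): locate a
// known-malicious npm package in the lockfiles a project actually commits.
// The sample lockfiles below are constructed; "1.0.3" is a placeholder version.
const MALICIOUS = '@longzy/react-native-polyfill';

// package-lock.json: lockfileVersion 2/3 lists every installed package under
// "packages", keyed by its node_modules path (nested installs keep the full
// path); lockfileVersion 1 nests them under "dependencies" instead.
function findInPackageLock(lockText, pkgName = MALICIOUS) {
  const lock = JSON.parse(lockText);
  const hits = [];
  if (lock.packages) {
    for (const [key, meta] of Object.entries(lock.packages)) {
      if (key === `node_modules/${pkgName}` || key.endsWith(`/node_modules/${pkgName}`)) {
        hits.push({ where: key, version: meta.version });
      }
    }
    return hits;
  }
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = [...trail, name];
      if (name === pkgName) hits.push({ where: here.join(' > '), version: meta.version });
      walk(meta.dependencies, here); // v1 nests transitive deps inline
    }
  };
  walk(lock.dependencies, []);
  return hits;
}

// yarn.lock and pnpm-lock.yaml are not JSON. Their package entries start a line
// with the name followed by "@" and a range or version, optionally quoted and
// (pnpm v6) prefixed with "/", so one line-anchored pattern covers both.
function findInTextLock(lockText, pkgName = MALICIOUS) {
  const escaped = pkgName.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
  const entry = new RegExp(`^\\s*["']?/?${escaped}@`);
  const hits = [];
  lockText.split('\n').forEach((line, idx) => {
    if (entry.test(line)) hits.push({ line: idx + 1, text: line.trim() });
  });
  return hits;
}

// Constructed sample: the malicious package pulled in transitively by "some-ui-kit".
const SAMPLE_PACKAGE_LOCK = JSON.stringify({
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', dependencies: { 'some-ui-kit': '^2.0.0' } },
    'node_modules/some-ui-kit': { version: '2.0.0', dependencies: { [MALICIOUS]: '*' } },
    [`node_modules/some-ui-kit/node_modules/${MALICIOUS}`]: { version: '1.0.3' },
    'node_modules/left-pad': { version: '1.3.0' },
  },
});

// Constructed yarn.lock v1 fragment for the same dependency.
const SAMPLE_YARN_LOCK = [
  '# yarn lockfile v1',
  '',
  `"${MALICIOUS}@*":`,
  '  version "1.0.3"',
  '',
  'left-pad@^1.3.0:',
  '  version "1.3.0"',
].join('\n');

// files: { 'package-lock.json': text, 'yarn.lock': text, 'pnpm-lock.yaml': text, ... }
function scanProject(files) {
  const report = [];
  for (const [name, text] of Object.entries(files)) {
    const found = name === 'package-lock.json' ? findInPackageLock(text) : findInTextLock(text);
    for (const hit of found) report.push({ file: name, ...hit });
  }
  return report;
}

const report = scanProject({ 'package-lock.json': SAMPLE_PACKAGE_LOCK, 'yarn.lock': SAMPLE_YARN_LOCK });
console.log(report.length ? report : `no ${MALICIOUS} in lockfiles`);
```

Run it against the real lockfiles in every branch and build artifact you ship, not only the default branch, and treat a hit at any version as a confirmed install.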
If you installed it — respond
@longzy/react-native-polyfill is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If @longzy/react-native-polyfill was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
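To make the "did it already run" question concrete, here is an added example (not O3's sensor) of the kind of egress rule that catches the behaviour described above: outbound POSTs to the decoded C2 host open.feishu.cn, weighted by whether a package-manager process sent them and whether the body looks like a Lark text message carrying secret-bearing variable names. The event field names are an assumption about what an L7 proxy or eBPF sensor would emit, the sample events are constructed, and the webhook path is a placeholder because the page does not give it. A CI step posting a build notice to the same host with curl only raises an alert, so the rule does not block legitimate chat integrations.

```javascript
// Added example (not O3 Security's sensor): a minimal egress rule for the
// exfiltration described in the advisory. Events are constructed; their field
// names are an assumption, not any product's schema. The webhook path is a
// placeholder since the advisory does not publish it.
const C2_HOST = 'open.feishu.cn'; // host decoded from the malware, per the advisory
const INSTALLER_PROCS = new Set(['node', 'npm', 'npx', 'yarn', 'pnpm']);
// Conventional secret-bearing variable names that a process.env dump would carry.
const SECRET_NAMES = /\b(AWS_SECRET_ACCESS_KEY|AWS_ACCESS_KEY_ID|NPM_TOKEN|GITHUB_TOKEN|NODE_AUTH_TOKEN)\b/;

function evaluateEgress(event) {
  const dst = event.dst_host || '';
  // Only traffic to the Feishu/Lark API host matters for this rule.
  if (dst !== C2_HOST && !dst.endsWith('.' + C2_HOST)) return null;
  const body = event.body_preview || '';
  const strong = [];
  const weak = [];
  if (INSTALLER_PROCS.has(event.proc)) {
    strong.push(`initiated by package-manager process "${event.proc}"`);
  }
  if (SECRET_NAMES.test(body)) {
    strong.push('body carries environment-variable names typical of secrets');
  }
  if (event.method === 'POST' && /"msg_type"\s*:\s*"text"/.test(body)) {
    weak.push('body is a Lark bot text message');
  }
  // A CI step legitimately posting a build notice with curl trips only the weak
  // signal and is alerted on; a node process shipping secrets is blocked.
  return {
    action: strong.length ? 'block' : 'alert',
    severity: strong.length >= 2 ? 'critical' : strong.length === 1 ? 'high' : 'medium',
    reasons: [...strong, ...weak],
  };
}

// Constructed sample events: the stealer's POST, a legitimate build notice, and
// an ordinary registry fetch.
const SAMPLE_EVENTS = [
  { ts: '2024-01-01T00:00:00Z', host: 'ci-runner-07', user: 'runner', proc: 'node', method: 'POST',
    dst_host: 'open.feishu.cn', dst_path: '/PLACEHOLDER-WEBHOOK-PATH',
    body_preview: '{"msg_type":"text","content":{"text":"ci-runner-07 runner AWS_SECRET_ACCESS_KEY=... NPM_TOKEN=..."}}' },
  { ts: '2024-01-01T00:00:05Z', host: 'ci-runner-07', user: 'runner', proc: 'curl', method: 'POST',
    dst_host: 'open.feishu.cn', dst_path: '/PLACEHOLDER-WEBHOOK-PATH',
    body_preview: '{"msg_type":"text","content":{"text":"build #42 passed"}}' },
  { ts: '2024-01-01T00:00:09Z', host: 'ci-runner-07', user: 'runner', proc: 'node', method: 'GET',
    dst_host: 'registry.npmjs.org', dst_path: '/left-pad', body_preview: '' },
];

function scanEvents(events) {
  return events
    .map((e) => ({ ts: e.ts, host: e.host, proc: e.proc, verdict: evaluateEgress(e) }))
    .filter((r) => r.verdict !== null);
}

console.log(JSON.stringify(scanEvents(SAMPLE_EVENTS), null, 2));
```

Any "block" verdict on a build host is the signal that the payload fired, which means the rotation steps above apply to every secret that host could read, regardless of whether the package is still present.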
How O3 protects you
O3 blocks @longzy/react-native-polyfill before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.
Credits
- SafeDep · finder