Which versions of btd-smart are malicious?

The following npm versions of btd-smart are flagged malicious: 1.0.2, 1.0.3. Treat any of these as compromised.

How do I remediate btd-smart if I installed it?

btd-smart is a typosquat — you almost certainly intended a legitimately-named package. Remove btd-smart, install the correct package, and rotate any secrets exposed during the install since post-install scripts may have already run.

I already installed btd-smart — how do I know if it already compromised me?

If btd-smart was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is btd-smart part of a known attack campaign?

Yes — btd-smart is associated with the IN-MAL-2026-003259, IN-MAL-2026-003250 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find btd-smart across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for btd-smart (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging btd-smart across your stack and pipelines.

Malicious package

btd-smartnpm

Malicious code in btd-smart (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-4501

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall btd-smart

What this malware does

The package presents itself as a clone of juliangruber/balanced-match (stolen author identity 'Julian Gruber [email protected]', verbatim README, identical API renamed btdSmart, placeholder homepage 'github.com/your-org/btd-smart'). Appended to the legitimate code in index.js is an obfuscated block that runs unconditionally when the module is required. A custom string-shuffle decoder reconstructs the identifier 'constructor' (and other strings) without any literal occurrences in the file, retrieves the Function constructor from a string prototype, builds a function from a decoded source body, and invokes it. Before invocation, the code stashes require and module onto global under decoder-produced keys so the Function-built code — which otherwise has no closure scope — gains filesystem, network, and process capabilities. The payload body is opaque (deterministic numerical shuffle with 0x7F-based escape tricks across two nested decoders), executes on every require('btd-smart'), and the legitimate balanced-match code above it has no obfuscation, confirming the appended block is purposefully hidden. Combined signals — typosquat with stolen identity, custom obfuscator, dynamic Function eval of a decoded blob at module load, deliberate global-smuggling of require/module — match the documented active-attack shape; no legitimate brace-matching utility needs any of these mechanisms.

Malicious versions

2 flagged

1.0.21.0.3

Indicators of compromise (SHA-256)

3ad22b27351879a89349a1232ee5abb46bc589399ea710b9769526a8080b3199

f99fec295e7e47a66efd1ddfef051e13f25e9139473356d8a79c1c1d612e2887

Detection & response playbook

Typosquat

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for btd-smart (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging btd-smart across your stack and pipelines.
If you installed it — respond
btd-smart is a typosquat — you almost certainly intended a legitimately-named package. Remove btd-smart, install the correct package, and rotate any secrets exposed during the install since post-install scripts may have already run.
Did it already run?
If btd-smart was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks btd-smart before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. btd-smart on npm has been identified as a malicious package (versions 1.0.2, 1.0.3 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-003259IN-MAL-2026-003250

References

Credits

Amazon Inspector · finder

Detect & block this

O3 blocks btd-smart-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the malicious outbound activity and severs the channel.

Malware detection Runtime egress monitoring