Malicious package

cryptodao-utils (npm)

Malicious code in cryptodao-utils (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5978
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall cryptodao-utils

What this malware does

package.json declares postinstall: node recon.js, which runs automatically on every npm install. recon.js harvests host information and a curated list of credential-bearing environment variables (AWS_SECRET_ACCESS_KEY, NPM_TOKEN, GITLAB_ACCESS_TOKEN, CI_JOB_TOKEN, SSH_PRIVATE_KEY, DB_PASSWORD, PRIVATE_KEY, MNEMONIC, SEED_PHRASE, DOCKER_PASSWORD, and others), grep-reads .env files at common installer paths for lines matching KEY/SECRET/TOKEN/PASS/PRIVATE/MNEMONIC, and POSTs the collected bundle to two attacker-controlled endpoints: https://webhook.site/d6d18927-e513-4df7-b019-58bfc64fe0dd and https://enqoojbegdvxj.x.pipedream.net/. The HTTPS requests are issued with rejectUnauthorized: false, disabling certificate validation so that exfiltration still succeeds through TLS-intercepting proxies. The package self-identifies in source comments as a 'CryptoDAO Dependency Confusion Reconnaissance Payload' and is published at version 99.99.99, the canonical shape used to outrank an internal cryptodao-utils package during registry resolution. Combined, this is a complete dependency-confusion credential-harvest attack against any installer whose build pipeline resolves the public name.

The OpenSSF Package Analysis project identified 'cryptodao-utils' @ 99.99.99 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.

Malicious versions

1 flagged
99.99.99

Indicators of compromise (SHA-256)

97e08a5a6fa93f0080d53371f566846f4258ed5e50479f43b9fc10c7a9716410
fb6683ae60f6a98342ecd5399e61fbcbde57eebadc193eaa484d7adde2318bea

Frequently asked questions

No. cryptodao-utils on npm has been identified as a malicious package (version 99.99.99 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006863

References

Credits

  • Amazon Inspector · finder
  • OpenSSF: Package Analysis · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

cryptodao-utils (npm) malicious package — MAL-2026-5978 | O3 Security