Malicious package

index-ulid (npm)

Malicious code in index-ulid (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-5827
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall index-ulid

What this malware does

index-ulid impersonates the legitimate ulid/ulidx ULID generator: it reuses ulid's description and links its homepage to github.com/ulid/javascript. Its postinstall script (package.json line 36: node dist/node/utils.js), however, is a cross-platform dropper.

utils.js detaches with --bg and copies the bundled dist/node/payload.js into a directory named MicrosoftSystem64 under the user's data-local directory (utils.js:7 var UNIT_STEM = "MicrosoftSystem64"), which disguises it as a Microsoft system component. It then installs persistence on every major OS: Windows schtasks /create /sc ONLOGON (with a Registry Run key fallback), macOS detached spawn, and Linux systemd --user service or ~/.config/autostart. The dropped payload is then launched in the background as node payload.js --agent (utils.js:75-79 spawn(process.execPath, [jsPath, "--agent"], { detached: true })).

The 949 KB payload.js bundles a WebSocket client/server (ws), pino, and zod, and contains string references to /api/validate, /api/hf, https://huggingface.co/api, and Telegram. It is a long-running C2 agent that beacons to remote services from every host that installs the package.

Both the postinstall script and the agent contain a sandbox-evasion CPU gate (utils.js:155 skips when cpus.length <= 4; payload.js cpu-guard sets MIN_CPU_COUNT = 5 and exits otherwise), so the dropper only fires on real developer/server machines and stays silent in malware sandboxes and small CI runners.

None of this behavior is justified by a ULID library; the package is a typosquat lure for a persistent backdoor.

Malicious versions

2 flagged
3.0.3, 3.0.4
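
To find out whether a project resolves index-ulid at all, including transitive and aliased installs that npm uninstall on the top-level name would not reveal, the lockfile can be searched directly. The following is an added example, not part of the original advisory; the function names and the sample lockfile are constructed, and it assumes npm's package-lock.json layouts (nested "dependencies" in v1, flat "packages" in v2/v3).

```javascript
// Added example: locate index-ulid in a parsed package-lock.json.
const FLAGGED = { name: "index-ulid", versions: new Set(["3.0.3", "3.0.4"]) };

function record(hits, path, version) {
  hits.push({ path, version, flagged: FLAGGED.versions.has(version) });
}

// Lockfile v2/v3: flat "packages" map keyed by install path. An aliased
// install keeps the real package name in the entry's "name" field.
function scanPackagesMap(packages, hits) {
  for (const [path, entry] of Object.entries(packages)) {
    const name = entry.name || path.split("node_modules/").pop();
    if (name === FLAGGED.name) record(hits, path, entry.version);
  }
}

// Lockfile v1: nested "dependencies" tree. An aliased install shows up as
// version "npm:<real-name>@<version>" under the alias key.
function scanV1Tree(deps, trail, hits) {
  for (const [key, entry] of Object.entries(deps || {})) {
    const alias = /^npm:(.+)@([^@]+)$/.exec(entry.version || "");
    const name = alias ? alias[1] : key;
    const version = alias ? alias[2] : entry.version;
    if (name === FLAGGED.name) record(hits, [...trail, key].join(" > "), version);
    scanV1Tree(entry.dependencies, [...trail, key], hits);
  }
}

// Returns every resolved copy; "flagged" marks the versions listed here.
function findIndexUlid(lock) {
  const hits = [];
  if (lock.packages) scanPackagesMap(lock.packages, hits);
  else scanV1Tree(lock.dependencies, [], hits);
  return hits;
}

// Constructed sample lockfile (v3 shape), for illustration only.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/ulid": { version: "2.3.0" },
    "node_modules/some-lib/node_modules/index-ulid": { version: "3.0.4" },
    "node_modules/ids": { name: "index-ulid", version: "3.0.3" },
  },
};

console.log(findIndexUlid(sampleLock));
```

On a real project, pass the result of JSON.parse on the project's package-lock.json to findIndexUlid; the reported path shows which dependency pulled the package in.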

Indicators of compromise (SHA-256)

5acad250c58c9c27804a14b640d17438998fbaabd43b77c69008c7180014f361
be7bb6a53a2d6d4dd94930e0969400a35d4c6aa247f07b2011f4af3815618b61

Frequently asked questions

No. index-ulid on npm has been identified as a malicious package (versions 3.0.3, 3.0.4 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006701, IN-MAL-2026-006702

Credits

  • Amazon Inspector · finder
