jscrambler npm package compromised — Rust infostealer drops via preinstall hook, then evolves mid-campaign to survive npm install --ignore-scripts
[email protected] shipped an undocumented preinstall hook that unpacks a 7.8MB obfuscated container and launches an OS-matched Rust infostealer (Linux ELF, Windows PE32+, macOS arm64 Mach-O); Socket caught it six minutes after publish, but the same actor pushed four more malicious releases — 8.16.0, 8.17.0, 8.18.0, 8.20.0 — over the next three hours, and starting with 8.18.0 dropped the install hook entirely in favor of a self-executing loader injected at the top of dist/index.js specifically to survive npm install --ignore-scripts. The payload's target list is unusually pointed for an npm drop: browser-extension crypto wallets, AWS/GCP/Azure metadata-endpoint credentials, and — distinctively — Claude Desktop, Cursor, Windsurf, Zed, and VS Code MCP server configs, meaning any dev machine that installed one of the five bad releases should be treated as having leaked its AI-agent API keys and cloud secrets, not just its npm token. Remove any of jscrambler 8.14.0/8.16.0/8.17.0/8.18.0/8.20.0, pin to 8.22.0 (first confirmed-clean release), rotate every credential reachable from affected machines — cloud, MCP, wallet — and grep install logs for dist/setup.js execution.