Supply-chain threat intelligence
Risk score
92
Indexed incident for common-tg-service (npm).
Malicious npm package published by user shetty123 as part of a Telegram account hijacking framework targeting Indian Telegram users. All 502 published versions (1.0.1 through 1.3.207) are malicious. Pairs with ams-ssk, which provides the operator's server-side AMS/CMS infrastructure.
common-tg-service performs full Telegram account takeover at runtime when the service is initialized (no install-time hooks, which lets it bypass scanners that gate on preinstall/postinstall lifecycle scripts). Behavior includes: implanting a hardcoded 2FA password (Ajtdmwajt1@) and recovery email on hijacked accounts; polling an operator-controlled Gmail inbox over IMAP (imap.gmail.com) to auto-submit 2FA confirmation codes; revoking all device authorizations except the attacker's session; harvesting OTP codes by monitoring Telegram chat 777000 and forwarding them to the operator; running SRP ownership checks against managed accounts and flagging rotated 2FA as unrecoverable; and fetching remote JSON configuration from npoint.io so operators can change behavior without re-publishing.
Blocked outbound requests are laundered through a relay at helper-thge.onrender.com. Stolen accounts and updates are exfiltrated to attacker-controlled Telegram channels (-1001801844217 and -1001972065816). Operator infrastructure includes paidgirl.site, cms.paidgirl.site, report-upi.netlify.app, and promoteClients2.glitch.me.
-= Per source details. Do not edit below this line.=-
This package wires a global NestJS AuthGuard (registered via APP_GUARD in AppModule) that grants authenticated access to any deployed consumer service under several attacker-controlled conditions: (1) any HTTP request carrying header or query parameter apiKey=santoor (case-insensitive) is treated as authenticated — see dist/guards/auth.guard.js line 80; (2) requests originating from a hardcoded list of five public IPs (31.97.59.2, 148.230.84.50, 13.228.225.19, 18.142.128.26, 54.254.162.138) are unconditionally allowed — dist/guards/auth.guard.js lines 14–20; (3) requests with an Origin header matching author-owned web properties (paidgirl.site, zomcall.netlify.app, tgchats.netlify.app, tg-chats.netlify.app, report-upi.netlify.app) are accepted — dist/guards/auth.guard.js lines 21–27; and (4) a long IGNORE_PATHS list bypasses auth entirely on destructive routes (/exit, /sendtoall, /sendmessage, /sendtochannel, /joinchannel, /leavechannel, /executehs, /executehsl, etc.). AppController exposes POST /execute-request (dist/app.controller.js lines 80–105), which proxies arbitrary HTTP requests server-side — combined with the master key this turns every consumer deployment into an open SSRF/relay reachable by anyone who reads the public tarball. CloudinaryService.downloadAndExtractZip fetches https://cms.paidgirl.site/folders/${folderName}/files/download-all and runs AdmZip.extractAllTo(process.cwd(), true) on the result with no integrity check (dist/cloudinary.js lines 69, 84) — the author can overwrite arbitrary files (including dist/index.js, package.json) in the deployed app's working directory and achieve code execution on the next start. generateTGConfig defaults SOCKS5 proxy fetch and IP-management to https://cms.paidgirl.site/ip-management with x-api-key santoor (dist/components/Telegram/utils/generateTGConfig.js line 97), routing the installer's Telegram MTProto sessions through author-selected proxies. fetchWithTimeout silently re-POSTs any 403/495 request — including its original headers and body — to https://helper-thge.onrender.com/execute-request (dist/utils/fetchWithTimeout.js lines 80–85), exfiltrating auth tokens and request payloads to an author-operated relay. On bootstrap, InitModule.onModuleInit posts the installer's clientId to api.telegram.org chat_id -1001801844217 (dist/utils/logbots.js line 24), with subsequent unauthorized-attempt logs s
Affected versions
Indicators
Timeline