Decoded execution chain
-----------------------
1. Outer layer:
- Starts with try{eval(function(s,n){...})([large numeric array].map(...).join(""),1))
- Converts numeric character codes into a string.
- Applies a Caesar +1 shift to alphabetic characters.
- eval() executes the decoded layer.
2. First decoded layer:
- Imports node:crypto.
- Defines an AES-128-GCM decryptor.
- Decrypts two embedded payloads:
a) _b: small Bun bootstrap/loader
b) _p: large obfuscated payload (~686 KB)
- Writes _p to a temporary JS file under /tmp/p<random>.js.
- If Bun is available, runs: bun run "<temp file>"
- If Bun is unavailable, downloads Bun from GitHub releases and then runs the payload.
4. Large payload:
- Obfuscated JavaScript with a string-table decoder and a second custom encrypted string layer.
- After decoding strings, the payload clearly contains credential and secret collection logic.
Observed behaviour / capabilities
---------------------------------
The payload appears to collect or search for:
- GitHub tokens / PATs / GitHub Actions OIDC tokens
- npm tokens and npm OIDC package exchange tokens
- RubyGems API keys
- AWS credentials, STS metadata credentials and Secrets Manager secrets
- Azure credentials, service principals and Key Vault secrets
- GCP service account tokens and Secret Manager secrets
- Vault tokens and Vault secrets
- Kubernetes service account tokens and kubeconfig
- Docker credentials
- SSH keys and config
- Git credentials
- .env files and common project secrets
- Claude configuration and project files
- OnePassword items via the op CLI
- Slack, Discord, Signal, Telegram and Element local data
- Crypto wallet files such as Exodus, Ledger Live, Ethereum keystores and Monero data
- Shell and database history files
Exfiltration / persistence style
--------------------------------
The payload contains logic to:
- Create or use GitHub repositories through GitHub API endpoints.
- Commit collected data/content into repository files.
- Add/update files such as:
- .vscode/tasks.json
- .claude/index.js
- .claude/settings.json
- .claude/setup.mjs
- .vscode/setup.mjs
- Use commit messages such as:
- chore: update dependencies
- create del-commit:
- Create a GitHub repo with description:
- Hades - The End for the Damned
- Use api.anthropic.com with path v1/api as an apparent outbound endpoint.
- Use a token/string:
- IfYouYankThisTokenItWillNukeTheComputerOfTheOwnerFully
Public repo > infect by merge > github runner picks up and gets infected > and github action (from a repo) that then runs on runner getw effected