The package had been downloaded 676 times and, for a brief window, left the attacker’s own credential exposed to observers.
mouse5212-super-formatter: a sync utility in name, an infostealer in function
Published on npm under the name mouse5212-super-formatter, the package presented itself as an internal "archive deployment sync" tool that checked a GitHub repository and recorded a network status snapshot. OX Security’s analysis shows the post-install code did something different: it authenticated to GitHub, created a repository if one did not exist, then recursively walked a local directory and uploaded every file it found using the GitHub Contents API.
To mask its theft, the package stored stolen files under a randomly named folder for each run and wrote a fake "network connections" log so the activity resembled diagnostics rather than exfiltration. Comments and commit messages in the attacker’s repository were deliberately bland, an effort intended to avoid drawing attention to the uploads.
Hardcoded GitHub token: the operator’s operational-security mistake
The malware contained a hardcoded fallback token in its code — a glaring operational-security error. Because that token belonged to the operator, researchers could trace activity directly into the attacker-controlled GitHub repository. OX Security observed around seven theft sessions in that repository; most of those sessions appeared to be the operator testing the tool. The GitHub account used to receive the uploads had been created only hours before the first upload and was deleted once the activity was exposed.
Distribution, exposure, and removal
OX Security reported the package had been downloaded 676 times and was still live on npm at the time of the firm’s writeup on Wednesday; the package has since been removed. The presence of the operator’s own credential allowed researchers an unusually clear, inside view of the exfiltration process and the attacker’s operational patterns during that window.
OX Security’s framing: AI-assisted, low-opsec threats on the rise
OX Security framed mouse5212-super-formatter as an example of malware generated with AI by an operator who did not grasp basic operational security. The firm linked this episode to a broader trend: as the effort required to produce working malicious code falls, researchers expect more low-quality, AI-assisted malware from less skilled actors, often imitating more capable groups. OX Security pointed to VoidLink, a Linux malware strain analysts concluded was largely AI-generated under the direction of a single person, as an example of the same dynamic.
Practical advice from OX Security and immediate mitigation steps
OX Security urged anyone who installed the package to revoke their GitHub access tokens and treat any sensitive files in the affected directory as compromised. That guidance is drawn directly from the observed behavior: the package’s post-install routine uploaded local files to the attacker-controlled repository, and the operator’s credential in the code made those uploads observable.
What this means for technologists, enterprises, and end users
- Technologists and security teams: Expect more low-opsec tools that nevertheless can hurt if installed; monitor for unusual post-install GitHub activity and consider scanning build and deployment dependencies for unexpected post-install scripts.
- Enterprises and procurement leaders: Review dependencies pulled from public package registries, and require token management practices that eliminate hardcoded credentials; revoke exposed tokens immediately when compromise is suspected.
- End users and developers: If you installed mouse5212-super-formatter, follow OX Security’s advice — revoke any GitHub tokens used by your environment and assume sensitive files in the affected directories may have been exfiltrated.
Mouse5212-super-formatter is a cautionary example: the malware’s author sought plausible deniability through bland commit messages and fake diagnostics, but a simple coding error — a hardcoded fallback GitHub token — turned the operation into a live exposé. The removal of the package and deletion of the ephemeral GitHub account closed the visible window, but the incident underlines OX Security’s core point: as AI lowers the bar for creating malicious code, sloppy operational security will keep producing easily traceable, damaging campaigns.




