`parket-helper` / `ts-ecro` big.js typosquat dropper cluster
A cluster of npm typosquats impersonating big.js shipped verbatim copies of the legitimate library with a single added five-line require of parket-helper / parket-slot / new-solt — three otherwise-empty utility packages whose entire purpose is to execute attacker-controlled JavaScript at import time. GitHub and npm flagged the eight packages and replaced them with 0.0.1-security holders between 2026-06-18 and 2026-06-19.
- Detected by
- GitHub · CIRCL
- Also known as
- parket loader cluster · big.js typosquat dropper June 2026
- Ecosystems
- npm
- Packages tracked
- 8
What happened
Between 2026-06-10 and 2026-06-18 a single operator published a small family of npm packages that impersonate big.js (the popular arbitrary-precision decimal library by MikeMcl, ~6M weekly downloads). Each facade package ships a verbatim copy of big.js v7.0.1 — same source, same README author block, same MikeMcl copyright header, same GitHub repository field in package.json — with one addition: a five-line try { require("parket-slot") } catch {} (or require("parket-helper") / require("new-solt")) wrapper injected near the top of the main entry. The loader runs as soon as a downstream project imports the package, executes attacker-controlled code from the helper, and swallows any error so the host application keeps functioning normally.
GitHub Advisory Database (GHSA) issued malware advisories for the eight packages between 2026-06-18 and 2026-06-19 (CWE-506, "Embedded Malicious Code", severity Critical). The npm registry replaced every affected version with a 0.0.1-security holder during the same window. Per npm registry metadata the original publish timeline was:
- 2026-06-10 17:23 UTC —
ts-esys@0.0.5 - 2026-06-11 07:28 UTC —
parket-slot@0.0.6(the longest-dwelled loader; seven days live before takedown) - 2026-06-11 07:37 / 07:38 UTC —
ts-ecro@0.0.5,ts-ecro@0.0.6 - 2026-06-18 11:04 / 11:07 UTC —
parket-helper@0.0.1,parket-helper@5.8.1(the5.8.xversion number is a typosquat for the legitimate big.js release line) - 2026-06-18 11:26 / 11:27 UTC —
ts-ecro-helper@0.0.1,ts-ecro-helper@5.8.0 - 2026-06-18 17:43 / 17:44 UTC —
ts-big-ecro@0.1.0,ts-big-ecro@3.8.1 - 2026-06-18 19:35 / 19:54 / 20:32 UTC —
new-solt@0.0.7,new-solt@0.0.8,new-solt@0.0.9 - 2026-06-18 19:41 / 19:57 / 20:33 UTC —
new-ecro@0.0.6,new-ecro@0.0.7,new-ecro@0.0.9
Why the manifest mismatch matters
A developer (or scanner) inspecting new-ecro@0.0.9 sees a package.json that declares "dependencies": { "new-solt": "^0.0.8" }. The runtime code, however, calls require("parket-slot"). That mismatch means a registry-side dependency-graph audit (which only reads package.json) never associates new-ecro with the eventually-flagged parket-slot loader — only a runtime trace or a source-level scan catches it. The technique is documented in CIRCL's public MAL-2026-6197 / 6198 / 6199 vulnerability-lookup entries and is described by GHSA reviewers as a "canonical malicious-typosquat dropper pattern": metadata spoofing of a popular library + silent runtime require of a differently-named module than declared + unconditional try/catch error suppression.
Relation to earlier big.js typosquats
This cluster is mechanically similar to the sjs-biginteger / sjs-lint-build1 SSH-backdoor campaign that SafeDep documented on 2026-04-07 (also a big.js verbatim-copy facade plus a sibling-package loader) and to the January 2026 BigSquatRat / bigmathix / bigmathex / bignumx cluster analysed by kmsec.uk (which used a aurevian.cloud C2 to deliver a JS RAT). No public source has attributed the June 2026 parket/ECRO cluster to a named actor; the recurring big.js targeting and the loader-package indirection strongly suggest a continuing operator using the same playbook against a high-value typo target.
The registry holding pages confirm npm completed takedowns within ~21 hours of the first June 18 publish burst. Any project whose lockfile resolved one of the affected versions between the original publish timestamp and the 2026-06-19 08:27 UTC final takedown should be considered exposed.
Affected packages (8)
- npm
new-ecro0.0.60.0.70.0.9 - npm
new-solt0.0.70.0.80.0.9 - npm
parket-helper0.0.15.8.1 - npm
parket-slot0.0.6 - npm
ts-big-ecro0.1.03.8.1 - npm
ts-ecro0.0.50.0.6 - npm
ts-ecro-helper0.0.15.8.0 - npm
ts-esys0.0.5
Impact
- Arbitrary code execution at
require()/importtime inside any process that pulls the typosquat — no install hook needed, the malicious load runs the moment the module is first imported - Manifest spoofing: each facade declares the original
big.jsrepository, author, and copyright inpackage.json, so casual maintainer review (and most metadata-only scanners) sees an unchanged big.js entry - Loader-name laundering:
new-ecrodeclaresnew-solt@0.0.8inpackage.jsonbut the runtime coderequire()sparket-slot— a name mismatch that hides the actual executing module from anyone who only reads the manifest - Error-swallowing
try { require(...) } catch {}wrapper around the dropper means the host process keeps running normally, so the operator can re-attempt or pivot without crashing the build - Multi-month dwell:
parket-slot@0.0.6was first published 2026-06-11 and only flagged seven days later — any lockfile that resolved a^0.0.xrange during that window picked it up transparently
What to do
- 1Grep your lockfile for any of
parket-helper,parket-slot,new-solt,ts-ecro,ts-ecro-helper,ts-big-ecro,new-ecro, orts-esys— none of these have a legitimate use; if found, treat the host as compromised - 2Treat any machine that ran
npm installresolving these packages between 2026-06-10 and 2026-06-19 as compromised — rotate npm tokens, SSH keys, cloud credentials, and any browser-extension wallet seeds from a separate clean device - 3If you intended to use
big.js, install it from the officialMikeMcl/big.jsrepository (npm install big.js) — none of thets-*-ecro/*-bign/new-ecrolookalikes are upstream - 4Add
parket-helper,parket-slot, andnew-soltto your registry mirror denylist — they are pure loader packages with no benign use - 5Audit your dependency tree for indirect pulls: a typosquat-aware scanner (Socket, Snyk, Phylum, SafeDep) flags the manifest-mismatch pattern (
require()ing a different name than declared) and is the cheapest broad detection
References
- GitHubGHSA-w6cg-2gpv-j66m: parket-helper malicious packagegithub.com
- GitHubGHSA-65jm-q492-j57q: parket-slot malicious packagegithub.com
- GitHubGHSA-cwjv-7gg4-fp86: ts-ecro malicious packagegithub.com
- GitHubGHSA-pw67-28xc-x677: ts-ecro-helper malicious packagegithub.com
- GitHubGHSA-chhh-8532-pg35: new-ecro malicious packagegithub.com
- GitHubGHSA-3cg2-mrw5-67r6: ts-big-ecro malicious packagegithub.com
- GitHubGHSA-76f5-jq4m-cjc3: ts-esys malicious packagegithub.com
- npmparket-helper on npm (security holder)registry.npmjs.org
- npmparket-slot on npm (security holder)registry.npmjs.org