npm · Malicious package advisory
Malwarechai-deflect
MAL-2026-10051
Malicious code in chai-deflect (npm)
Details
---
_-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (4328eb627063ce40813ae27e3cb7ec1a967d17aa6c2bf045f0083d42e09352ea)
On require('chai-deflect'), index.js top-level invokes launchDeflectBootstrap() which detaches a child process running lib/caller.js. caller.js issues an HTTP GET to http://server-genimi-check.vercel.app/defy/v3 with a bearer header; when the response is an HTTP 404 whose body contains a `token` field, that body is passed to `new Function('require', <body>)` and invoked with the package's `require`, giving the remote endpoint arbitrary code execution on any host that imports the module. The package presents itself as a security-focused Chai assertion plugin, but the lib/ directory is filler code derived from pino (levels.js, multistream.js, proto.js, transport.js, worker.js) unrelated to Chai, and lib/const.js hides a base64-encoded secondary URL (https://jsonkeeper.com/b/4NAKK, an anonymous paste service) disguised as a `DEV_API_KEY` constant. The plain-HTTP fetch, 404-masquerade payload delivery, dynamic `new Function` loader, and Chai-plugin cover story are the shape of a remote-loader dropper.
Compromised versions (2)
- 1.1.5
- 1.1.6
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.