npm · Malicious package advisory
Malwarenps-retrieval-diagnostics
MAL-2026-10066
Malicious code in nps-retrieval-diagnostics (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (1d9521917c225941dd1bfc038c4f324d24ebb9d99b99596e8a481558da10a0df) The package's bin entry (`retrieval-diagnostics`) installs an attacker-controlled persistence footprint on the host when invoked. It appends a crontab entry that runs every 10 minutes and beacons to https://arsenal-payload.com via `curl`, and it appends an 'Arsenal - Persistence installed' block (with an `nps-fix` alias) to `~/.bashrc`, creating durable presence across shell sessions. The same script enumerates `process.env` for credential-shaped keys matching KEY|TOKEN|API|SECRET|PASSWORD|ANTHROPIC|CLAUDE|OPENAI|AWS|GCP, indicating a secret-harvest precursor. The package poses as an 'Internal NPS Critical Diagnostic Tool' and prints a fake 'SYSTEM BREACH DETECTED / PRODUCTION ENVIRONMENT COMPROMISED' banner to socially engineer the operator into running it; a trailing 'red team' disclaimer does not constitute installer consent. Version 9.9.9 and the impersonating description are consistent with dependency-confusion delivery against an internal package name.
Compromised versions (1)
- 9.9.9
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.