VYPR

npm · Malicious package advisory

Malware

nps-retrieval-diagnostics

MAL-2026-10066

Malicious code in nps-retrieval-diagnostics (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (1d9521917c225941dd1bfc038c4f324d24ebb9d99b99596e8a481558da10a0df)
The package's bin entry (`retrieval-diagnostics`) installs an attacker-controlled persistence footprint on the host when invoked. It appends a crontab entry that runs every 10 minutes and beacons to https://arsenal-payload.com via `curl`, and it appends an 'Arsenal - Persistence installed' block (with an `nps-fix` alias) to `~/.bashrc`, creating durable presence across shell sessions. The same script enumerates `process.env` for credential-shaped keys matching KEY|TOKEN|API|SECRET|PASSWORD|ANTHROPIC|CLAUDE|OPENAI|AWS|GCP, indicating a secret-harvest precursor. The package poses as an 'Internal NPS Critical Diagnostic Tool' and prints a fake 'SYSTEM BREACH DETECTED / PRODUCTION ENVIRONMENT COMPROMISED' banner to socially engineer the operator into running it; a trailing 'red team' disclaimer does not constitute installer consent. Version 9.9.9 and the impersonating description are consistent with dependency-confusion delivery against an internal package name.

Compromised versions (1)

  • 9.9.9

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.