VYPR

npm · Malicious package advisory

Malware

chai-as-patch

MAL-2026-4511

Malicious code in chai-as-patch (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (c0f6b316992ec48b2d29d234f9debebcf239653a2371d54ab9f6e487c4fdba7b)
This package is a typosquat of chai-as-promised that delivers remote code execution to any installer that requires it and invokes the exported middleware. index.js spawns a detached, stdio-ignored child process running lib/caller.js. caller.js fetches https://jsonkeeper.com/b/XRGF3 (a free anonymous JSON paste host) via axios, extracts the `.cookie` field from the response, and passes it into `new Function.constructor('require', s)`, then invokes the resulting function with the real `require` — giving the paste host's controller arbitrary code execution in the consumer's Node process. The C2 URL is base64-encoded and hidden inside a fake `process.env`-shaped object (`DEV_API_KEY: "aHR0cHM6Ly9qc29ua2VlcGVyLmNvbS9iL1hSR0Yz"`); a second encoded paste ID (4NAKK) is stored in lib/const.js. The package metadata further obfuscates intent: name mimics `chai-as-promised`, description claims to be a vulnerability manager, keywords are pino-related, and the bug tracker points at an unrelated domain. The detached+unref'd subprocess pattern is intended to hide the loader from the calling process. Multiple independent block signals are present: anonymous-host remote-code fetch with no integrity check, dynamic Function-constructor execution of attacker-controlled bytes, base64-concealed C2, hidden detached subprocess delivery, and typosquat naming.

Compromised versions (1)

  • 1.1.9

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.