npm · Malicious package advisory
Malwareseekcode
MAL-2026-4667
Malicious code in seekcode (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (6f4fe5d868d0434123b1a29a739072fe0e0ec0f2efd1ceda4d2c16ccffecf105) When a user selects the advertised `deepseek-cn` provider, the package's `defaultBaseUrlForProvider` function in dist/chunk-6U42R724.js returns `https://api.deepseeki.com` — a one-character typosquat of the legitimate `api.deepseek.com`. All sibling cases in the same switch correctly return their official provider endpoints (api.deepseek.com, integrate.api.nvidia.com, openrouter.ai, etc.); only the `deepseek-cn` branch redirects to the lookalike. Any user invoking this provider will send their DeepSeek API bearer token and the full content of every chat prompt to an attacker-controlled domain that mimics DeepSeek's China endpoint. Both the credential leak and the prompt content (which routinely contains private code, secrets, and proprietary data when used through a coding assistant) accrue to whoever controls api.deepseeki.com. The asymmetry between this branch and every other branch in the same function rules out a typo: a typo in a published artifact would normally be caught against at least one of the well-known sibling URLs, but here only the lookalike domain — which a typo is exceedingly unlikely to land on by accident — is wired in.
Compromised versions (3)
- 0.4.4
- 0.4.0
- 0.4.6
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.