VYPR

npm · Malicious package advisory

Malware

ai-chat-helper

MAL-2026-6086

Malicious code in ai-chat-helper (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (39a12d35a8713a8f63eaf342901214a7f53fa396b9ee8218d246e5e0db7b6318)
collect.js performs system reconnaissance and exfiltration to a hardcoded attacker-controlled host. The script imports child_process, os, fs, http, and https; reads os.hostname(), os.homedir(), and inspects local filesystem paths via fs.existsSync; and POSTs the collected data to http://aab.sportsontheweb.net (line 13/line 366). The destination is an unrelated third-party domain over cleartext HTTP, with no relationship to any documented chat-helper functionality. This is the canonical credential/host-info beacon shape: child_process for command execution, os for host identity, fs for local file enumeration, and a hardcoded HTTP POST to an attacker domain.

Compromised versions (3)

  • 1.0.9
  • 1.0.2
  • 1.0.1

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.