npm · Malicious package advisory
Malwareai-chat-helper
MAL-2026-6086
Malicious code in ai-chat-helper (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (39a12d35a8713a8f63eaf342901214a7f53fa396b9ee8218d246e5e0db7b6318) collect.js performs system reconnaissance and exfiltration to a hardcoded attacker-controlled host. The script imports child_process, os, fs, http, and https; reads os.hostname(), os.homedir(), and inspects local filesystem paths via fs.existsSync; and POSTs the collected data to http://aab.sportsontheweb.net (line 13/line 366). The destination is an unrelated third-party domain over cleartext HTTP, with no relationship to any documented chat-helper functionality. This is the canonical credential/host-info beacon shape: child_process for command execution, os for host identity, fs for local file enumeration, and a hardcoded HTTP POST to an attacker domain.
Compromised versions (3)
- 1.0.9
- 1.0.2
- 1.0.1
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.