VYPR

npm · Malicious package advisory

Malware

lc-chatbot

MAL-2026-6559

Malicious code in lc-chatbot (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (81ca324fdc9c4ba5536abcd43972f1a506f4af99ace29447b66a17947b1b8606)
package.json declares both preinstall and postinstall scripts that run `node callback.js`, so the callback fires automatically on `npm install` with no user interaction. callback.js collects identifying data from the installer's machine — os.hostname(), os.userInfo().username, process.cwd(), the consuming package name@version, and process.platform/arch — and transmits it to two attacker-controlled collectors: (1) a DNS lookup whose label is the hex-encoded hostname under a canarytokens.com subdomain, and (2) an HTTPS GET to https://eolxuw8fddeyjj8.m.pipedream.net carrying the collected fields as query parameters. The callback wraps all I/O in try/catch and forces process.exitCode=0, so the install completes silently even if the network call fails, hiding the beacon from the installer. The package self-describes as a dependency-confusion proof-of-concept, but the behavior is genuine install-time exfiltration of installer-identifying data and harms any machine that runs `npm install`.

## Source: ossf-package-analysis (10b9ccdaec6709f86d79c1dec1b8fbfa87926dedbdc1e2355979308e7c516f3e)
The OpenSSF Package Analysis project identified 'lc-chatbot' @ 0.9.0-rc.0 (npm) as malicious.

It is considered malicious because:

- The package communicates with a domain associated with malicious activity.

Compromised versions (1)

  • 0.9.0-rc.0

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.