{"id":"MAL-2026-10040","summary":"Malicious code in chai-as-balanced (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (562ae39db73c30faea0a6d84cda0fe0b68d60d7bfa863f769edcdb620e30b0a1)\nchai-as-balanced is a typosquat of chai-as-promised (also impersonating pino via README/badges/exports) that ships a remote code execution dropper. lib/const.js defines a fake process.env object whose DEV_API_KEY value is a base64-encoded URL to api.jsonstorage.net (an anonymous, attacker-mutable JSON storage service). lib/caller.js base64-decodes that URL, GETs the JSON blob using an obfuscated x-secret-key header, extracts the `cookie` field, and executes it via `new Function.constructor('require', s)(require)` — granting the fetched payload full Node privileges and access to the real `require`. index.js triggers this by spawning lib/caller.js as a detached, stdio-ignored child with `child.unref()`, so the dropper runs in the background and outlives the parent invocation, concealing execution from the caller. Because the payload source is anonymous and mutable, the executed code can change at any time without a new package release. Installers who mistype `chai-as-promised` as `chai-as-balanced` and invoke the exported middleware receive arbitrary attacker-controlled code execution.\n","modified":"2026-07-09T16:31:52.983039633Z","published":"2026-07-09T15:32:15Z","database_specific":{"malicious-packages-origins":[{"sha256":"562ae39db73c30faea0a6d84cda0fe0b68d60d7bfa863f769edcdb620e30b0a1","id":"IN-MAL-2026-009127","versions":["2.2.3"],"modified_time":"2026-07-09T15:32:15Z","import_time":"2026-07-09T16:20:43.327874262Z","source":"amazon-inspector"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/chai-as-balanced/v/2.2.3"}],"affected":[{"package":{"name":"chai-as-balanced","ecosystem":"npm","purl":"pkg:npm/chai-as-balanced"},"versions":["2.2.3"],"database_specific":{"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"indicators":{"package_integrity":[{"hashes":{"sha512_sri":"sha512-bZNaRva43f278eHyMyzxK6cs1CvA4fUILrD3I8cqZH4kjB0bCS/GB+QiBZCNAiuS+P1RtARMxvy+mgFvasZdBw==","sha1":"4d451a1ca60287d45951989330b5481ef521919a"},"filename":"chai-as-balanced-2.2.3.tgz"}],"evidence_files":[{"sha256":"6c87c9848b319c905ed8db467c1b8535c83c4afed4391d6df3b2c0c0f3de76e2","path":"lib/caller.js","tlsh":"b501c29934fe501c015111e9171fb1326050e4773986d6c8374c87029fa667e6e93adf"},{"sha256":"a42a28a6711aedfb391c88327cf6b854e3e75c7a3b26b30da997849984abab65","path":"README.md","tlsh":"1b5195a783e47b6e4b6300a1a1c375a5ff1f931cfb6a606ddcd891290319897813150a"},{"sha256":"2956b023858d706a5e241cd28b845088e5f414c5f70bd5d8cb73cb427d081065","path":"index.js","tlsh":"5d213c81b9f11188065cd9c8b569e53a38e3c4377207b9b0e9ec87862bcf2080272ad7"}]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-balanced/MAL-2026-10040.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}