{"id":"MAL-2026-4511","summary":"Malicious code in chai-as-patch (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (c0f6b316992ec48b2d29d234f9debebcf239653a2371d54ab9f6e487c4fdba7b)\nThis package is a typosquat of chai-as-promised that delivers remote code execution to any installer that requires it and invokes the exported middleware. index.js spawns a detached, stdio-ignored child process running lib/caller.js. caller.js fetches https://jsonkeeper.com/b/XRGF3 (a free anonymous JSON paste host) via axios, extracts the `.cookie` field from the response, and passes it into `new Function.constructor('require', s)`, then invokes the resulting function with the real `require` — giving the paste host's controller arbitrary code execution in the consumer's Node process. The C2 URL is base64-encoded and hidden inside a fake `process.env`-shaped object (`DEV_API_KEY: \"aHR0cHM6Ly9qc29ua2VlcGVyLmNvbS9iL1hSR0Yz\"`); a second encoded paste ID (4NAKK) is stored in lib/const.js. The package metadata further obfuscates intent: name mimics `chai-as-promised`, description claims to be a vulnerability manager, keywords are pino-related, and the bug tracker points at an unrelated domain. The detached+unref'd subprocess pattern is intended to hide the loader from the calling process. Multiple independent block signals are present: anonymous-host remote-code fetch with no integrity check, dynamic Function-constructor execution of attacker-controlled bytes, base64-concealed C2, hidden detached subprocess delivery, and typosquat naming.\n","modified":"2026-05-26T06:02:19.439674084Z","published":"2026-05-25T09:08:31Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2026-05-25T09:08:31Z","import_time":"2026-05-26T05:52:56.92619071Z","versions":["1.1.9"],"source":"amazon-inspector","sha256":"c0f6b316992ec48b2d29d234f9debebcf239653a2371d54ab9f6e487c4fdba7b","id":"IN-MAL-2026-004613"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/chai-as-patch/v/1.1.9"}],"affected":[{"package":{"name":"chai-as-patch","ecosystem":"npm","purl":"pkg:npm/chai-as-patch"},"versions":["1.1.9"],"database_specific":{"indicators":{"package_integrity":[{"hashes":{"sha1":"55629bb7321892427bb8a0e14c14151fff645e43","sha512_sri":"sha512-ZrLnNpf7F3WtxonhoAlIEDnODMOWJITYa9HqIw/kkh9HZyIq/vBCUEY8ZD+QNKKWD8U5lnhamLXUG1dv+VSBJA=="},"filename":"chai-as-patch-1.1.9.tgz"}],"evidence_files":[{"path":"lib/caller.js","sha256":"d81e48769a830cd3384a4b8977ade12e5ab7583eb7cca84e7ab966d15871bd71","tlsh":"f8017b8a30fa605c015510f64b1fa4327011e4273c49e5c5378c87524fea9ae6963aed"},{"path":"index.js","sha256":"2956b023858d706a5e241cd28b845088e5f414c5f70bd5d8cb73cb427d081065","tlsh":"5d213c81b9f11188065cd9c8b569e53a38e3c4377207b9b0e9ec87862bcf2080272ad7"},{"path":"package.json","sha256":"8c067e52f0deb7378aab0190d83a71f27fbec486e98e6cb944ebe0f0b9e70224","tlsh":"c9016461deb88e2300ed25824c2a0743aa619c079828fc2932da512d4f9e9bf01be21d"}]},"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-patch/MAL-2026-4511.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}