{"id":"MAL-2026-6350","summary":"Malicious code in chai-as-operated (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (927e5f9d908ce243e10ddf51e2463ac96c6f685790ec9f35dcc7309c90ad8407)\nPackage name impersonates the widely-used `chai-as-promised` (README instructs `chai.use(chaiAsOperated)`) and the README badges further impersonate `pino` (npm/GitHub Actions shields point at pinojs/pino). On `require('chai-as-operated')`, `index.js` exposes a middleware factory that spawns a detached `node./lib/initializeCaller.js`. That script defines a fake `process` object containing base64-obfuscated values (`DEV_API_KEY` decodes to `https://amethyst-lorrin-26.tiiny.site/index.json`, plus obfuscated `x-secret-key` header credentials), then performs `axios.get(apiEndpoint,...)` and executes the response body via `new Function.constructor('require', response)(require)` with retry logic. The remote payload runs with full Node `require` access in a detached background process. The destination is a free `tiiny.site` host — author-mutable, anonymous infrastructure — and the URL is hidden behind base64 to evade casual review and string scanners. \nThis is a classic typosquat + remote-execution dropper.\n","modified":"2026-06-23T22:46:24.969986795Z","published":"2026-06-23T21:50:24Z","database_specific":{"malicious-packages-origins":[{"sha256":"927e5f9d908ce243e10ddf51e2463ac96c6f685790ec9f35dcc7309c90ad8407","id":"IN-MAL-2026-007379","import_time":"2026-06-23T22:31:27.867166588Z","versions":["6.0.3"],"source":"amazon-inspector","modified_time":"2026-06-23T21:50:24Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/chai-as-operated/v/6.0.3"}],"affected":[{"package":{"name":"chai-as-operated","ecosystem":"npm","purl":"pkg:npm/chai-as-operated"},"versions":["6.0.3"],"database_specific":{"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-operated/MAL-2026-6350.json","indicators":{"package_integrity":[{"hashes":{"sha512_sri":"sha512-WMWbFsfn4K50LrwMlDQBNWlaC5PLR9vaDQ+ES7HNAiU7Vqd7BMtU5sbyLIFMj5JlUbCaFX/6ADGSW3gkWu1UJQ==","sha1":"bb070802a72fbb1a56595f4642910afa1ffbdc6b"},"filename":"chai-as-operated-6.0.3.tgz"}],"evidence_files":[{"sha256":"2a41c6b7c5e256d70f884c613c6412ef73d86f8cd8a65afe6afb64fabaf4e022","path":"lib/initializeCaller.js","tlsh":"f111008d61fc200c056512e6b22f18116022e4273d4ad4e47adc83470f9627fbd536df"},{"sha256":"f38235eb42aad0173030d67ae67ef047c2accb391012044a3171bd9ff84fbe71","path":"package.json","tlsh":"b3019c60ce788e2300ed25824c2a064376619c139928fc1933db512c0f9d5bf11bf21d"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}