Which versions of @nstrlabs/api-client are malicious?

The following npm versions of @nstrlabs/api-client are flagged malicious: 99.0.0, 99.0.1. Treat any of these as compromised.

How do I remediate @nstrlabs/api-client if I installed it?

Remove @nstrlabs/api-client from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is @nstrlabs/api-client part of a known attack campaign?

Yes — @nstrlabs/api-client is associated with the IN-MAL-2026-005095, IN-MAL-2026-005096, IN-MAL-2026-005131, IN-MAL-2026-005130 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect @nstrlabs/api-client in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking @nstrlabs/api-client and packages like it before any post-install script runs.

Malicious package

@nstrlabs/api-clientnpm

Malicious code in @nstrlabs/api-client (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5418

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @nstrlabs/api-client

What this malware does

@nstrlabs/[email protected] is a hollow package whose only behavior is an install-time exfiltration beacon. package.json declares "preinstall": "node index.js || true", so every npm install automatically executes index.js, which collects os.hostname(), os.userInfo().username, __dirname, and process.cwd() and ships them through two independent channels: (1) a DNS lookup against a subdomain of d8jbmnsqcfu78dfs8vdg34ohqhirb4pbg.oast.live (OAST-style out-of-band callback) encoding the collected fields, and (2) an HTTP POST of the JSON payload to the hardcoded bare IP 172.201.213.59:9090/c. Errors are swallowed with || true to keep the install appearing successful. The package ships no API-client functionality; the version-bomb to 99.0.0 under the @nstrlabs scope, combined with the security research description and beacon-only payload, is the canonical dependency-confusion shape — designed to outrank a private internal @nstrlabs/api-client and silently identify hosts inside the target organization's build environment.

Malicious versions

2 flagged

99.0.099.0.1

Indicators of compromise (SHA-256)

21dda1fd78fda4debfc14241cb2f5653bb328ccbe744170341d7f5a93331dac2

9e0cc169216efefe96ed4724461baf56c8d7827b7322eaaca6dfdce9a3456165

7d5538fb97a8a712a30d1168e70ae82650504b2e6015833086b4d95093807e53

de7b47a7f81209dbbaff286599b46f4f030ff992b6d0c25d947cc84739b838d9

Frequently asked questions

No. @nstrlabs/api-client on npm has been identified as a malicious package (versions 99.0.0, 99.0.1 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005095IN-MAL-2026-005096IN-MAL-2026-005131IN-MAL-2026-005130

References

Credits

Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection