Malicious package

chai-as-attested (npm)

Malicious code in chai-as-attested (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-6218
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall chai-as-attested

What this malware does

The package impersonates a pino-style logger (it exports module.exports.pino, ships pino-like DEFAULT_LEVELS, and is tagged with the keywords fast/logger/stream/json), but the exported middleware spawns a detached node lib/initializeCaller.js process that fetches a JSON document from a hardcoded free file-hosting URL (https://amethyst-lorrin-26.tiiny.site/index.json) and executes the cookie field of the response via new Function.constructor('require', response)(require), granting the remote payload full Node require access. The endpoint URL and request headers are base64-encoded inside fake process.env-named constants and decoded at runtime with atob to evade scanners; the fetch is retried 5 times. Any consumer who imports the package and invokes the middleware (or runs the package's smoke script) executes attacker-controlled code on the host. The package name and pino-mimicking API surface are a lure: chai-as-attested has no relation to chai-as-promised or to pino.

Malicious versions

1 flagged
6.0.3

Indicators of compromise (SHA-256)

88e27467366a90f482eb47476458b1f74d5a41ac63371572e527f2e60e4e0b51

Frequently asked questions

Is chai-as-attested safe to use?

No. chai-as-attested on npm has been identified as a malicious package (version 6.0.3 flagged). It should be removed immediately; do not install it or keep it in your dependency tree.

Campaign

IN-MAL-2026-007072

Credits

  • Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.
