Which versions of chai-as-decrypted are malicious?

The following npm versions of chai-as-decrypted are flagged malicious: 4.2.8. Treat any of these as compromised.

How do I remediate chai-as-decrypted if I installed it?

Remove chai-as-decrypted from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is chai-as-decrypted part of a known attack campaign?

Yes — chai-as-decrypted is associated with the IN-MAL-2026-006785 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect chai-as-decrypted in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking chai-as-decrypted and packages like it before any post-install script runs.

Malicious package

chai-as-decryptednpm

Malicious code in chai-as-decrypted (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5900

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall chai-as-decrypted

What this malware does

Package name chai-as-decrypted mimics the popular chai-as-promised, and the README impersonates pino (uses pino's npm badges and links to github.com/pinojs/pino). On npm install, the postinstall hook runs npm run smoke:pino → node./index.js, whose top-level runBackgroundTask() spawns a detached node lib/initializeCaller.js. That file shadows the global process with a local object whose env.DEV_API_KEY is a base64 string; it atob-decodes the value to https://www.ipregionchecker.org/api/ip-check-encrypted/3aeb34a37, POSTs to it via axios, and executes the HTTP response body with new Function.constructor("require", response)(require) — arbitrary remote JavaScript run with full require access on the installer's machine, retried 5 times. The base64 hiding of the endpoint and headers behind a fake process.env has no legitimate purpose and is solely to evade static scanners. This is a deliberate install-time remote code execution attack against developers who mistype chai-as-promised.

Malicious versions

1 flagged

4.2.8

Indicators of compromise (SHA-256)

3ed93b06c95c42e3183b89e5fb1d9dea3f711bb20d766861c8d16b8d17f17cc9

Frequently asked questions

No. chai-as-decrypted on npm has been identified as a malicious package (version 4.2.8 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006785

References

npmjs.com

Credits

Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection