Which versions of ipy-rev-proxy are malicious?

The following npm versions of ipy-rev-proxy are flagged malicious: 9.3.1. Treat any of these as compromised.

How do I remediate ipy-rev-proxy if I installed it?

Remove ipy-rev-proxy from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is ipy-rev-proxy part of a known attack campaign?

Yes — ipy-rev-proxy is associated with the IN-MAL-2026-005194, IN-MAL-2026-005195 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect ipy-rev-proxy in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking ipy-rev-proxy and packages like it before any post-install script runs.

Malicious package

ipy-rev-proxynpm

Malicious code in ipy-rev-proxy (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5475

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall ipy-rev-proxy

What this malware does

On npm install, index.js runs as a preinstall hook and POSTs hostname, username, platform, architecture, cwd, CI flags, and npm user-agent to https://webhook.site/40b5f3e2-4072-4f2c-b259-0ecb531755d7. The same script then probes Google's internal SSO proxy at http://uberproxy.corp.google.com/procz and the GCE metadata endpoint http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token (with the required Metadata-Flavor: Google header) and forwards any 200 response — including GCE service-account tokens — plus hostname, id, and uname -a output to the same webhook. The package presents itself with a generic Jupyter description and the placeholder author 'IPython Development Team' but ships no functional code matching that description; the name and metadata are consistent with a dependency-confusion lure aimed at Google internal builds.

Malicious versions

1 flagged

9.3.1

Indicators of compromise (SHA-256)

591a0d253aee02115544f9bcac7609e62d8c18a9ac60cc4967d7d6e8c7f7d555

5b5e8b8bd7fa1b9720229e7ba23e00e08a5a843e209fc8525d58a05ea3e70321

Frequently asked questions

No. ipy-rev-proxy on npm has been identified as a malicious package (version 9.3.1 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005194IN-MAL-2026-005195

References

npmjs.com

Credits

Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection