MAL-2026-10066
Malicious code in nps-retrieval-diagnostics (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (1d9521917c225941dd1bfc038c4f324d24ebb9d99b99596e8a481558da10a0df) The package's bin entry (`retrieval-diagnostics`) installs an attacker-controlled persistence footprint on the host when invoked. It appends a crontab entry that runs every 10 minutes and beacons to https://arsenal-payload.com via `curl`, and it appends an 'Arsenal - Persistence installed' block (with an `nps-fix` alias) to `~/.bashrc`, creating durable presence across shell sessions. The same script enumerates `process.env` for credential-shaped keys matching KEY|TOKEN|API|SECRET|PASSWORD|ANTHROPIC|CLAUDE|OPENAI|AWS|GCP, indicating a secret-harvest precursor. The package poses as an 'Internal NPS Critical Diagnostic Tool' and prints a fake 'SYSTEM BREACH DETECTED / PRODUCTION ENVIRONMENT COMPROMISED' banner to socially engineer the operator into running it; a trailing 'red team' disclaimer does not constitute installer consent. Version 9.9.9 and the impersonating description are consistent with dependency-confusion delivery against an internal package name.
Are you affected?
Enter the version of the package you're using.
Affected packages
No fixed version published yet for nps-retrieval-diagnostics (npm). Pin to a known-safe version or switch to an alternative.