Malicious npm Package Stole Files From Claude AI User Directory via GitHub

If you’re a user of OpenAI’s Claude AI platform, beware: researchers at OX Security have just discovered a malicious npm package that can steal files from your user directory. Here’s the bad news.

Stealing Files via GitHub

The package, named “mouse5212-super-formatter,” presents itself as a harmless library but is designed to upload files from your “/mnt/user-data” directory to a GitHub repository. If you installed the package, an attacker could potentially access sensitive information such as your notes, documents, or even your credentials.

How the Attack Works

According to OX Security, the malicious package uses GitHub’s webhooks to upload stolen files. When you install the package and run it, it creates a webhook that sends a notification to the attacker whenever a new file is created in your “/mnt/user-data” directory. The attacker can then access the files via the GitHub repository.

What this means

If you’re a Claude AI user, this is a serious wake-up call. The attack vector is relatively simple, and the malicious package is already available on the npm registry. To stay safe, make sure to regularly check the packages you’ve installed and remove any suspicious ones. You should also monitor your GitHub repositories for any unexpected activity.
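One way to check a project for the package named above, as an added example that is not from OX Security or the original article: it searches a parsed `package-lock.json` for the name, including copies pulled in transitively. The sample lockfile, the `example-helper` dependency and the version strings are constructed for illustration.

```javascript
// Added example. The package name comes from the article; everything else is constructed.
const FLAGGED = new Set(["mouse5212-super-formatter"]);

// Constructed lockfile (v3 layout); "example-helper" and the versions are made up.
const SAMPLE_LOCK = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { "example-helper": "^1.0.0" } },
    "node_modules/example-helper": { version: "1.2.0" },
    "node_modules/example-helper/node_modules/mouse5212-super-formatter": {
      version: "0.0.0-example",
    },
  },
};

// Returns one record per flagged package found in a parsed package-lock.json.
function findFlagged(lock, flagged = FLAGGED) {
  const hits = [];
  const root = (lock.packages || {})[""] || {};
  const declared = new Set(
    ["dependencies", "devDependencies", "optionalDependencies"].flatMap((k) =>
      Object.keys(root[k] || {})
    )
  );
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const idx = path.lastIndexOf("node_modules/");
    if (idx === -1) continue; // "" is the project itself
    // An aliased install records its real name in "name"; otherwise use the path.
    const name = meta.name || path.slice(idx + "node_modules/".length);
    if (!flagged.has(name)) continue;
    const direct = idx === 0 && declared.has(path.slice("node_modules/".length));
    hits.push({ name, version: meta.version || null, path, direct });
  }
  // lockfileVersion 1: nested "dependencies" tree; direct vs transitive is not recorded.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      if (flagged.has(name)) {
        hits.push({ name, version: meta.version || null, path: [...trail, name].join(" > "), direct: null });
      }
      walk(meta.dependencies, [...trail, name]);
    }
  };
  if (!lock.packages) walk(lock.dependencies, []);
  return hits;
}

console.log(findFlagged(SAMPLE_LOCK));
```

For a real project, pass the result of `JSON.parse` on the project's own `package-lock.json`; a hit with `direct: false` means the package arrived through another dependency rather than being installed by name.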

The incident highlights the importance of security in the era of AI and automation. As more developers rely on libraries and packages to speed up their workflow, the risk of malicious packages increases. OX Security has removed the malicious package from the npm registry, but the incident serves as a reminder to always be vigilant when working with open-source software.

In the future, developers and users should be cautious when installing new packages, especially if they’re not from reputable sources. Additionally, AI platforms like Claude should implement stricter security measures to prevent similar attacks. For now, it’s up to users to stay informed and take necessary precautions to protect their data.
