GPT-Proxy Backdoor in npm and PyPI turns Servers into Chinese LLM Relays
TLP: WHITE | Author: PetrP.73 | Created: 2026-04-26 | Modified: 2026-04-26
Two malicious packages have been identified, kube-health-tools on npm and kube-node-health on PyPI, targeting Kubernetes environments. Both packages look legitimate but carry a backdoor that turns the infected host into an LLM (Large Language Model) proxy relay. The loader is a native binary that runs at import time (Python) or when the package is require()'d (Node.js), so installing and loading the package is enough to trigger it. The dropper then downloads a stage 2 payload from GitHub and ships with XOR-encrypted configuration data that the later stages depend on.
Indicators of Compromise (8)
TYPE            | INDICATOR                                                          | DESCRIPTION | CREATED
CVE             | CVE-2026-40175                                                     |             | 2026-04-26
FileHash-MD5    | e5c2b988f369d9e51f30985eb8c1c5ae                                   |             | 2026-04-26
FileHash-SHA256 | 3a3d8f8636fa1db21871005a49ecd7fa59688fa763622fa737ce6b899558b300   |             | 2026-04-26
FileHash-SHA256 | 5d58ce3119c37f2bd552f4d883a4f4896dfcb8fb04875f844f999497e4ca846d   |             | 2026-04-26
FileHash-SHA256 | b3405b8456f4e82f192cdff6fdd5b290a58fafda01fbc08174105b922bd7b3cf   |             | 2026-04-26
FileHash-SHA256 | fb3ae78d09c119ec335c3b99a95c97d9bb6f92fd2c7c9b0d3e875347e2f25bb2   |             | 2026-04-26
URL             | https://sync.geeker.indevs.in                                      |             | 2026-04-26
hostname        | sync.geeker.indevs.in                                              |             | 2026-04-26
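The following is an added example, not code from the pulse author or from the packages described: an offline sweep that turns the indicators above into a host check. It walks a directory tree (a container image layer, a CI runner's node_modules, a virtualenv) and flags package directories named after the two malicious packages, files whose MD5 or SHA-256 matches a listed hash, and files that embed the C2 hostname. The size cap MAX_FILE_BYTES and the sample tree built by build_sample_tree() are assumptions made for the demonstration; the hashes, hostname and package names are copied from the pulse.

```python
"""Offline IOC sweep for the kube-health-tools / kube-node-health pulse.

Added example, not from the pulse. Flags (1) package directories named after
the malicious packages, (2) files matching a listed MD5/SHA-256, and
(3) files that contain the C2 hostname. build_sample_tree() writes a
constructed sample tree so the sweep can be exercised without real samples.
"""
import hashlib
import os
import tempfile

# Indicators copied from the pulse.
IOC_MD5 = {"e5c2b988f369d9e51f30985eb8c1c5ae"}
IOC_SHA256 = {
    "3a3d8f8636fa1db21871005a49ecd7fa59688fa763622fa737ce6b899558b300",
    "5d58ce3119c37f2bd552f4d883a4f4896dfcb8fb04875f844f999497e4ca846d",
    "b3405b8456f4e82f192cdff6fdd5b290a58fafda01fbc08174105b922bd7b3cf",
    "fb3ae78d09c119ec335c3b99a95c97d9bb6f92fd2c7c9b0d3e875347e2f25bb2",
}
IOC_HOSTNAME = b"sync.geeker.indevs.in"
IOC_PACKAGES = {"kube-health-tools", "kube-node-health"}  # npm name, PyPI name
MAX_FILE_BYTES = 64 * 1024 * 1024  # assumption: skip very large files


def _normalize(name: str) -> str:
    """PEP 503 style name folding: case-insensitive, '_' and '-' equivalent."""
    return name.lower().replace("_", "-")


def is_ioc_package_dir(dirname: str) -> bool:
    """Match 'kube-health-tools', 'kube_node_health', 'kube_node_health-0.1.dist-info'.
    Prefix matching can also catch unrelated 'kube-node-health-*' names; triage those."""
    n = _normalize(dirname)
    return any(n == p or n.startswith(p + "-") for p in IOC_PACKAGES)


def file_hashes(path: str) -> tuple[str, str, bool]:
    """Return (md5, sha256, hostname_seen) for one file, streamed in 1 MiB chunks."""
    md5, sha = hashlib.md5(), hashlib.sha256()
    seen, tail = False, b""
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(1 << 20)
            if not chunk:
                break
            md5.update(chunk)
            sha.update(chunk)
            if not seen and IOC_HOSTNAME in tail + chunk:
                seen = True
            tail = chunk[-len(IOC_HOSTNAME):]  # keep overlap so a split hostname is caught
    return md5.hexdigest(), sha.hexdigest(), seen


def sweep(root: str, md5s=IOC_MD5, sha256s=IOC_SHA256) -> list[tuple[str, str, str]]:
    """Walk root and return (kind, path, detail) findings; kind is package/hash/hostname."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for d in dirnames:
            if is_ioc_package_dir(d):
                findings.append(("package", os.path.join(dirpath, d), d))
        for f in filenames:
            path = os.path.join(dirpath, f)
            try:
                if os.path.islink(path) or os.path.getsize(path) > MAX_FILE_BYTES:
                    continue
                md5, sha, seen = file_hashes(path)
            except OSError:
                continue  # unreadable file: skip rather than abort the sweep
            if md5 in md5s or sha in sha256s:
                findings.append(("hash", path, sha))
            if seen:
                findings.append(("hostname", path, IOC_HOSTNAME.decode()))
    return findings


def build_sample_tree(base: str) -> None:
    """Constructed sample: one npm install, one pip install, a stand-in payload, a clean dir."""
    layout = {
        "node_modules/kube-health-tools/index.js":
            b"// constructed\nconst c2 = 'https://sync.geeker.indevs.in';\n",
        "venv/lib/site-packages/kube_node_health-0.1.dist-info/METADATA":
            b"Name: kube-node-health\n",
        "tmp/payload.bin": b"constructed stage-2 stand-in",
        "clean/README.txt": b"nothing to see here\n",
    }
    for rel, data in layout.items():
        path = os.path.join(base, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


def demo() -> dict:
    """Run the sweep over the constructed tree; the stand-in payload's hash is added as an extra IOC."""
    with tempfile.TemporaryDirectory() as base:
        build_sample_tree(base)
        extra = {hashlib.sha256(b"constructed stage-2 stand-in").hexdigest()}
        found = sweep(base, sha256s=IOC_SHA256 | extra)
        clean = sweep(os.path.join(base, "clean"))
    return {"kinds": sorted(k for k, _, _ in found), "clean_hits": len(clean)}


if __name__ == "__main__":
    print(demo())
```

Run sweep() against a mounted image filesystem or a build agent's workspace; a package hit is worth acting on even without a hash match, since a newer version of the package would not share the listed hashes.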