npm Malware Steals Files from Claude AI Users


A new npm package "mouse5212-super-formatter" steals files from Claude AI's user directory. Learn how it works and how to protect yourself from this supply chain attack.

A new malicious package has been discovered on the npm registry, and it's got some serious information-stealing chops. Cybersecurity researchers at OX Security found "mouse5212-super-formatter"—a package designed to lift files straight from a directory used by Anthropic's Claude AI tool. If you're a developer using Claude, this one hits close to home.

### How the Attack Works

This package targets "/mnt/user-data," a dedicated directory where Claude AI handles uploads and outputs in the background. Once installed, it quietly uploads those files to a remote server. Think of it like a digital pickpocket—one that snags your most sensitive data without you even noticing.

The scary part? The package was distributed via GitHub, a platform we trust for code sharing. It highlights a growing trend: attackers are using trusted ecosystems to slip in malicious code. For developers relying on npm packages daily, this is a wake-up call.

### Why This Matters for You

If you're a developer using Claude AI or similar tools, your user data could be at risk. Here's what's at stake:

- **Private conversations**: Chat logs with sensitive info
- **Uploaded files**: Documents, images, or code you've shared
- **System paths**: Details that could reveal your setup

This isn't just a theoretical threat. OX Security confirmed the package was live on npm before being taken down. But how many copies were installed? We don't know yet.

### Protecting Yourself from npm Malware

So, what can you do? Start by being picky about what you install. Here are some practical steps:

- **Check the source**: Always verify the package author and download stats
- **Use a sandbox**: Test new packages in isolated environments
- **Monitor directories**: Keep an eye on sensitive folders like user-data
- **Update regularly**: Patch vulnerabilities in your tools

For antidetect browser users, this is especially relevant. You're already managing multiple identities and data streams—adding a malicious package to the mix is a recipe for disaster.

### The Bigger Picture

This incident shows how supply chain attacks are evolving. It's not just about stealing credentials anymore—attackers are targeting AI tools and their data. As AI becomes more integrated into our workflows, we need to rethink security.

Think of it like this: you lock your front door, but what if someone sneaks in through a package delivery? That's exactly what's happening here. The npm registry is a vital resource, but it's also a potential backdoor.

### What to Do Next

If you've installed "mouse5212-super-formatter" or similar packages, act fast:

1. **Revoke access**: Change API keys and tokens
2. **Scan your system**: Use antivirus or endpoint detection tools
3. **Review logs**: Check for unusual outbound traffic
4. **Report it**: Notify your security team or the npm registry

Remember, prevention is better than cure. Stick to reputable packages and always read the fine print. Your data is worth it. Stay safe out there, and keep your antidetect browser settings tight. This is just another reminder that digital privacy is a constant battle.
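
One way to check whether a project pulled in the package named above, as an added example that is not code from the article or from OX Security: the function searches a parsed `package-lock.json` for the package name, covering both the older nested layout and the newer path-keyed layout, including copies installed under an alias. The function name, the sample lockfiles and their version strings are constructed for illustration.

```javascript
// Added example: search a parsed package-lock.json for a named package.
const TARGET = "mouse5212-super-formatter"; // package name given in the article

// Returns every location where `name` is installed.
function findPackage(lock, name) {
  const hits = [];
  // lockfileVersion 2/3: "packages" is keyed by install path
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const installedAs = path.split("node_modules/").pop();
    // meta.name holds the real name when installed under an alias
    if (installedAs === name || meta.name === name) {
      hits.push({ path, version: meta.version, resolved: meta.resolved });
    }
  }
  // lockfileVersion 1: only a nested "dependencies" tree exists
  const walk = (deps, trail) => {
    for (const [dep, meta] of Object.entries(deps || {})) {
      const here = trail.concat(dep);
      if (dep === name) {
        hits.push({ path: here.join(" > "), version: meta.version, resolved: meta.resolved });
      }
      walk(meta.dependencies, here);
    }
  };
  if (!lock.packages) walk(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfiles (not data from the incident).
const sampleV3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/left-helper": { version: "2.1.0" },
    "node_modules/left-helper/node_modules/mouse5212-super-formatter": { version: "0.0.0-constructed" },
    "node_modules/fmt": { name: "mouse5212-super-formatter", version: "0.0.0-constructed" },
  },
};
const sampleV1 = {
  lockfileVersion: 1,
  dependencies: {
    "left-helper": {
      version: "2.1.0",
      dependencies: { "mouse5212-super-formatter": { version: "0.0.0-constructed" } },
    },
  },
};
console.log(findPackage(sampleV3, TARGET), findPackage(sampleV1, TARGET));
```

To run it against a real project, pass the result of `JSON.parse` on that project's `package-lock.json` to `findPackage`; any hit means the tokens and keys reachable from that environment should be rotated as listed above.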