Malicious NPM Packages Targeting the JavaScript Supply Chain
A large-scale attack on the NPM (Node Package Manager) ecosystem has been uncovered, involving the publication of over 64,000 malicious packages by a coordinated group known as the IndonesianFoods worm. This campaign, active for more than two years, leveraged at least seven newly created NPM user accounts to distribute the malicious packages, which are notable for their consistent naming patterns and unusual internal dictionary. The attackers focused on creating new packages rather than stealing credentials, and the scale of the operation more than doubles the previously known number of malicious NPM packages. Security researchers have made available a comprehensive list of the affected packages and user accounts for further analysis.
In a separate but related incident, researchers identified a highly popular fake NPM package, "@acitons/artifact," which was downloaded over 206,000 times. This package used a typosquatting technique to mimic the legitimate GitHub Actions Toolkit and was designed to steal GitHub credentials by executing a malicious post-install script. The attack highlights the growing threat of software supply chain compromises, with the malicious package aiming to exfiltrate tokens from build environments and potentially publish further malicious artifacts. Both incidents underscore the increasing sophistication and scale of supply chain attacks targeting the JavaScript development community.
Sources
Related Stories
Supply Chain Attacks and Remote Access Trojans Targeting NPM Ecosystem and Banking Sector
A series of sophisticated supply chain attacks have targeted the NPM ecosystem, compromising both widely used and niche packages to deliver malicious payloads. The "Shai-Hulud" campaign has infected at least 187 NPM packages, including the highly popular tinycolor package, which receives approximately 2 million downloads weekly. Attackers in this campaign modify package manifests, inject malicious files, and republish the compromised packages, resulting in downstream projects unknowingly incorporating malicious code. The worm-like nature of the attack allows it to spread rapidly to other maintainers' packages, amplifying the impact across the software supply chain. Delayed detection of these compromises increases the risk, as many projects may already be affected before the breach is discovered. The attack highlights the critical importance of verifying package signatures and maintaining a robust software bill of materials (SBOM) to trace dependencies and versions accurately. In a related but distinct campaign, a threat actor using the NPM account "ongtrieuhau861.001" has published at least 94 malicious packages, many of which are specifically crafted to target Asian banks. These packages, often named with the pattern "dhhdbankxxxxx" and similar variants, deliver a JavaScript-based Remote Access Trojan (RAT) dubbed "DHSollutionsBot." This RAT leverages Firebase Realtime Database for command and control, while exfiltrating stolen data through Discord webhooks, making detection more challenging due to the use of legitimate cloud services. The threat actor's NPM account history suggests either a long-term operation or the acquisition of an existing account for malicious purposes. The attack architecture is notable for its simplicity and effectiveness, combining two legitimate platforms for resilient and stealthy C2 operations. Both campaigns underscore the growing threat of supply chain attacks in the open-source ecosystem, where a single compromised package can have cascading effects on countless downstream projects. Developers and organizations are urged to implement cryptographic signing of packages, verify signatures before use, and maintain detailed SBOMs to mitigate the risk of such attacks. The incidents also demonstrate the need for continuous monitoring of package repositories and automated detection tools to identify and respond to malicious activity promptly. The use of trusted platforms like Discord and Firebase for C2 communications further complicates detection and response efforts. These attacks serve as a stark reminder that even well-established codebases can become vectors for compromise if their dependencies are not rigorously vetted and monitored. The campaigns have prompted renewed calls for improved security practices in the software development lifecycle, particularly in the management of third-party dependencies. Organizations are advised to review their exposure to affected NPM packages and take immediate remediation steps where necessary. The incidents highlight the evolving tactics of threat actors in targeting the software supply chain and the critical need for industry-wide vigilance.
4 months ago
Software Supply Chain Threats Targeting Open-Source Ecosystems and Developer Tooling
Open-source software supply chain risk continued to escalate, with reporting citing **454,600+** newly identified malicious packages across major repositories (including **PyPI, npm, Maven Central, NuGet, and Hugging Face**) and tactics ranging from **credential theft** to **multi-stage attacks** and even early **self-replicating** package malware. The activity reportedly concentrated heavily in **npm**, including high-volume “ecosystem flooding” (e.g., single accounts publishing **150,000+** malicious packages in days) and **hijacking of trusted projects**, exploiting developer reliance on superficial trust signals such as package names, READMEs, and download counts. Separately, researchers disclosed **“PackageGate”** vulnerabilities in JavaScript package managers (**npm, pnpm, vlt, and Bun**) that can bypass common post-incident defenses—namely `--ignore-scripts` and lockfile integrity—enabling malicious code execution via compromised dependencies. Koi Security reported six issues; **pnpm, vlt, and Bun** shipped fixes, while **npm** reportedly treated the behavior as expected. In parallel, threat actors abused **GitHub’s fork architecture** to distribute a spoofed *GitHub Desktop* installer promoted via search ads; execution deployed **HijackLoader** and established persistence via a **scheduled task**, underscoring that supply chain threats extend beyond package registries into developer tooling distribution channels.
1 months agoMalicious npm Package Targets GitHub Actions CI/CD Workflows
A malicious npm package named `@acitons/artifact` was discovered impersonating the legitimate `@actions/artifact` module, specifically targeting GitHub Actions CI/CD pipelines. The package was designed to be triggered during the build process of GitHub-owned repositories, where it would capture available tokens from the build environment and use them to publish malicious artifacts under GitHub’s name. The attack leveraged a post-install hook to download and execute an obfuscated shell script called `harness`, which was not detected by popular antivirus solutions. The package was downloaded over 260,000 times before being detected, with six malicious versions uploaded to npm. Further analysis revealed that the malware was configured to only execute if certain GitHub-specific environment variables were present, indicating a targeted attack against GitHub’s own repositories. The script exfiltrated sensitive data in encrypted form to a remote server and was designed to avoid execution after a specific date. Another related npm package, `8jfiesaf83`, was also identified with similar functionality but has since been removed. The threat actor behind the campaign, identified as "blakesdev," removed the offending versions after discovery, but the incident highlights the risks of supply chain attacks in CI/CD environments and the potential for privilege escalation through typosquatted dependencies.
4 months ago