Malware Injected into 7 Popular npm Packages

Supply Chain Attack Compromises npm Packages

Cybersecurity researchers have uncovered a supply chain attack that compromised several popular npm packages after project maintainers fell victim to a phishing campaign designed to steal npm access tokens.

Attackers used the stolen tokens to publish the malicious versions straight to the npm registry. Nothing was committed to the packages' GitHub repositories and no pull request was opened, so a review of the source repository would have shown nothing unusual; only the published tarballs carried the change.

Affected npm Packages and Malicious Versions

According to Socket, the affected packages and their rogue versions include:

  • eslint-config-prettier (8.10.1, 9.1.1, 10.1.6, 10.1.7)
  • eslint-plugin-prettier (4.2.2, 4.2.3)
  • synckit (0.11.9)
  • @pkgr/core (0.2.8)
  • napi-postinstall (0.3.1)
  • got-fetch (5.1.11, 5.1.12)
  • is (3.3.1, 5.0.0)

Phishing Campaign Details

The phishing campaign impersonated npm support, sending emails with the subject line “Please verify your email address.”

  • The emails spoofed the sender address support@npmjs[.]org and linked to the typosquatted domain npnjs[.]com, one letter away from the real npmjs[.]com.
  • The fake landing page cloned the npm login portal, capturing maintainer credentials and tokens.
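Because the From address is forged, the sender header is useless as a signal; the links are what give the lure away. The following is an added example, not code from the article or from npm: it pulls every link out of an email body and classifies its host as the real npm domain, a lookalike of it (within two edits), or unrelated. The sample email is constructed for this example; npnjs.com is the lookalike domain reported above.

```javascript
// Added example (not code from the article or from npm): extract every link
// from an email body and classify its host as legit, lookalike or unrelated.
// The sample email is constructed; npnjs.com is the lookalike the article reports.
const LEGIT_DOMAINS = ["npmjs.com", "npmjs.org", "github.com"];

// Levenshtein edit distance; a single substitution turns npmjs.com into npnjs.com.
function editDistance(a, b) {
  const dp = Array.from({ length: a.length + 1 }, (_, i) => [i]);
  for (let j = 1; j <= b.length; j++) dp[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      dp[i][j] = Math.min(
        dp[i - 1][j] + 1,                                   // deletion
        dp[i][j - 1] + 1,                                   // insertion
        dp[i - 1][j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1) // substitution
      );
    }
  }
  return dp[a.length][b.length];
}

// Registrable domain, approximated as the last two labels; good enough for
// .com/.org, wrong for multi-label suffixes such as co.uk.
function registrable(host) {
  return host.toLowerCase().replace(/\.$/, "").split(".").slice(-2).join(".");
}

// "legit" if the registrable domain is on the allowlist, "lookalike" if it is
// within two edits of an allowlisted domain, otherwise "unrelated".
function classifyHost(host) {
  const reg = registrable(host);
  if (LEGIT_DOMAINS.includes(reg)) return "legit";
  const near = LEGIT_DOMAINS.filter((d) => editDistance(reg, d) <= 2);
  return near.length ? "lookalike" : "unrelated";
}

// Pull href targets out of an HTML body and classify each one. hrefs without
// a host (mailto:, relative paths) are skipped.
function auditLinks(html) {
  const results = [];
  const re = /href\s*=\s*["']([^"']+)["']/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    let host;
    try { host = new URL(m[1]).hostname; } catch { continue; }
    if (!host) continue;
    results.push({ url: m[1], host, verdict: classifyHost(host) });
  }
  return results;
}

// Constructed phishing email body modelled on the campaign's lure.
const SAMPLE_EMAIL = `
<p>Please verify your email address to keep publishing packages.</p>
<a href="https://www.npnjs.com/login?verify=1">Verify now</a>
<a href="https://docs.npmjs.com/about-two-factor-authentication">Why 2FA?</a>
<a href="https://example.net/unsubscribe">Unsubscribe</a>`;

if (typeof require !== "undefined" && require.main === module) {
  for (const r of auditLinks(SAMPLE_EMAIL)) {
    console.log(`${r.verdict.padEnd(10)} ${r.host}  ${r.url}`);
  }
}
```

The two-edit threshold is deliberately loose: it catches single-character swaps like npnjs.com, but a mail filter would also want to check punycode (xn--) hosts and subdomain tricks such as npmjs.com.example.net, which this registrable-domain approximation handles by looking only at the last two labels.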

Malware Analysis: Scavenger Loader and Stealer

The malicious npm versions included a payload called Scavenger Loader, designed to:

  • Execute a DLL on Windows hosts, giving the attackers code execution on the machine that ran the install.
  • Download and execute Scavenger Stealer, a module that collects browser data, system information, and sensitive files.

Cross-Platform JavaScript Payload in “is” Package

What makes the attack against “is” notable is that its payload is pure JavaScript, so it runs wherever Node.js runs, on Windows, Linux and macOS alike:

  • It captures system environment variables.
  • Maintains a WebSocket-based C2 channel, where every incoming message is treated as executable JavaScript, effectively giving attackers a live remote shell with the same privileges as the host process.

Mitigation Recommendations

Developers and organizations using these packages are strongly advised to:

  • Check lockfiles and installed node_modules for the versions listed above, pin to the last clean release, and treat any machine that installed a malicious version as compromised: rotate the npm tokens, cloud credentials and other secrets that were present in its environment.
  • Enable 2FA (two-factor authentication) for npm accounts, and require it for publishing.
  • Publish with granular access tokens limited to the packages and permissions a job actually needs, never with a password, and revoke any token that may have been entered on the phishing page.
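Checking a lockfile by hand for the seven packages and their version numbers listed earlier is error-prone, especially when a bad version is nested under another dependency. The following is an added example, not code from Socket, npm or the article: it walks a parsed package-lock.json (lockfile v1, v2 or v3) and reports every installed copy that matches the published list. The package and version table is the one from the article; the sample lockfile is constructed.

```javascript
// Added example (not from Socket or the article): flag compromised versions
// in an npm lockfile. The package/version table is the article's list; the
// sample lockfile is constructed.
const COMPROMISED = {
  "eslint-config-prettier": ["8.10.1", "9.1.1", "10.1.6", "10.1.7"],
  "eslint-plugin-prettier": ["4.2.2", "4.2.3"],
  "synckit": ["0.11.9"],
  "@pkgr/core": ["0.2.8"],
  "napi-postinstall": ["0.3.1"],
  "got-fetch": ["5.1.11", "5.1.12"],
  "is": ["3.3.1", "5.0.0"],
};

// Package name from a lockfile v2/v3 "packages" key such as
// "node_modules/@pkgr/core" or "node_modules/foo/node_modules/is".
function nameFromPath(p) {
  const i = p.lastIndexOf("node_modules/");
  return i === -1 ? p : p.slice(i + "node_modules/".length);
}

// Walk a parsed package-lock.json and return every (name, version, path)
// that matches the blocklist. Nested copies are found too.
function findCompromised(lock, blocklist = COMPROMISED) {
  const hits = [];
  const check = (name, version, where) => {
    if (blocklist[name] && blocklist[name].includes(version)) hits.push({ name, version, where });
  };
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path; "" is the root project
    for (const [p, entry] of Object.entries(lock.packages)) {
      if (p === "") continue;
      check(nameFromPath(p), entry.version, p);
    }
  } else if (lock.dependencies) {
    // lockfileVersion 1: nested dependency tree
    const walk = (deps, prefix) => {
      for (const [name, entry] of Object.entries(deps)) {
        const where = `${prefix}node_modules/${name}`;
        check(name, entry.version, where);
        if (entry.dependencies) walk(entry.dependencies, where + "/");
      }
    };
    walk(lock.dependencies, "");
  }
  return hits;
}

// Constructed sample: a clean top-level "is", a bad nested "is", and a bad
// eslint-config-prettier.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "app", version: "1.0.0" },
    "node_modules/is": { version: "3.3.0" },
    "node_modules/eslint-config-prettier": { version: "10.1.7" },
    "node_modules/foo": { version: "2.0.0" },
    "node_modules/foo/node_modules/is": { version: "3.3.1" },
    "node_modules/@pkgr/core": { version: "0.2.7" },
  },
};

if (typeof require !== "undefined" && require.main === module) {
  const fs = require("fs");
  const file = process.argv[2]; // e.g. ./package-lock.json
  const lock = file ? JSON.parse(fs.readFileSync(file, "utf8")) : SAMPLE_LOCK;
  const hits = findCompromised(lock);
  for (const h of hits) console.log(`COMPROMISED ${h.name}@${h.version} at ${h.where}`);
  process.exitCode = hits.length ? 1 : 0;
}
```

Run it against each project's package-lock.json in CI (`node check-lock.js package-lock.json`) so the non-zero exit code blocks the build; a lockfile that does not list the bad version can still be betrayed by a stale node_modules, so the same check belongs on the installed tree as well.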

“This incident shows how quickly phishing attacks on maintainers can escalate into ecosystem-wide threats,” the researchers warned.

Protestware and AUR Package Compromise

The npm attack coincides with two unrelated incidents:

Protestware in npm:

  • 28 npm packages were seeded with protestware targeting websites with .ru or .by domains.
  • These packages disable mouse interaction and play the Ukrainian national anthem on repeat for Russian-speaking users who revisit affected sites.
  • This campaign is an escalation of protestware activity first spotted in June 2025.

Arch Linux AUR Attack:

  • Three malicious AUR packages—librewolf-fix-bin, firefox-patch-bin, and zen-browser-patched-bin—were found to install a Remote Access Trojan (Chaos RAT) from a now-removed GitHub repository.
  • The packages were uploaded by a user named “danikpapas” on July 16, 2025.
  • Arch Linux maintainers advise immediate removal of these packages and system scans for RAT activity.

Key Takeaways

  • Cross-platform JavaScript payloads (as seen in the “is” package) expand the threat to non-Windows ecosystems.
  • Supply chain attacks remain a top threat due to their ability to compromise widely used open-source packages.
  • Phishing targeting maintainers is becoming a primary attack vector.
