Listen to this Post

Introduction
The open-source ecosystem has become one of the most attractive targets for cybercriminals. Every day, millions of developers rely on package repositories such as npm and PyPI to accelerate software development, trusting community-maintained libraries to build secure and scalable applications. Unfortunately, attackers understand this trust better than anyone.
A newly uncovered malware campaign demonstrates just how dangerous software supply chain attacks have become. Instead of directly attacking organizations, threat actors targeted developers by publishing fake Software Development Kits (SDKs) for well-known online payment platforms. These malicious packages were carefully engineered to appear legitimate while secretly harvesting credentials, API tokens, and sensitive secrets from developer environments. Although the campaign was detected quickly, it serves as another reminder that even a few minutes online can be enough for attackers to compromise unsuspecting victims.
Coordinated Supply Chain Attack Hits npm and PyPI
Security researchers detected a coordinated campaign on July 7, 2026, after automated monitoring systems identified 17 malicious packages appearing almost simultaneously across the npm and PyPI package registries.
Rather than distributing obvious malware, the attackers disguised their code as official SDKs for popular payment providers, including PaySafe, Skrill, and Neteller. Their objective was simple: convince developers to install seemingly legitimate packages during application development.
The attackers relied heavily on typosquatting and deceptive package names. By choosing names that closely resembled authentic payment libraries, they significantly increased the likelihood that developers would accidentally install malicious versions instead of genuine SDKs.
This technique continues to prove effective because developers frequently depend on autocomplete, search results, or quick copy-paste installation commands without thoroughly validating package authenticity.
Fake SDKs Were Designed to Look Completely Legitimate
One of the most convincing examples involved a malicious package impersonating a PaySafe SDK.
The fake client replicated the behavior of a real REST API library by exposing familiar payment functions, customer creation methods, and configuration options using environment variables. From a developer’s perspective, everything appeared to function exactly as expected.
Instead of communicating with the real PaySafe infrastructure, however, the package simply returned fake successful responses.
Because developers received no visible errors, they had little reason to suspect anything unusual. Meanwhile, hidden malicious routines quietly executed in the background.
This level of deception demonstrates that modern malware is increasingly designed to blend seamlessly into legitimate software development workflows rather than causing immediate system disruption.
Credential Theft Was the Primary Objective
Once installed, the malware immediately began searching the victim’s environment for valuable secrets.
Its scanning logic specifically targeted environment variables containing keywords such as:
KEY
SECRET
TOKEN
PASS
AUTH
API
These simple keyword filters allowed the malware to capture an enormous variety of credentials, including:
AWS access keys
GitHub Personal Access Tokens
npm publishing tokens
Cloud service credentials
CI/CD secrets
API authentication keys
Database passwords
Internal application tokens
Developer workstations often contain privileged credentials capable of accessing production systems, making them significantly more valuable than compromising a single end-user computer.
Python Variants Were Even More Dangerous
Researchers discovered that the PyPI versions required even less interaction.
Unlike the npm packages, which primarily activated during SDK usage, the malicious Python packages executed immediately after installation.
This aggressive behavior increased the likelihood of credential theft before developers even began writing code.
It also demonstrated that the attackers invested considerable effort into adapting their malware for multiple programming ecosystems rather than relying on a single language platform.
Advanced Anti-Analysis Techniques Helped the Malware Hide
The malware incorporated multiple defensive mechanisms commonly seen in advanced threat campaigns.
Before stealing data, it first examined the execution environment.
If fewer than two CPU cores were detected—a common indicator of virtual analysis environments—the malware immediately terminated its payload.
It also searched machine hostnames for security-related keywords that might indicate malware analysis systems or research laboratories.
If suspicious characteristics were identified, credential theft was intentionally skipped to avoid exposing the malware to researchers.
These anti-analysis capabilities significantly reduce detection rates during automated malware scanning.
Obfuscated Infrastructure Made Detection Even Harder
The attackers also concealed their command-and-control infrastructure using several layers of obfuscation.
Instead of embedding readable server addresses directly inside the code, they protected them through a three-stage decoding routine involving:
XOR encryption
Character shifting
String reversal
Only after executing each decoding step could the malware reconstruct its true destination.
The stolen credentials were ultimately transmitted through an Ngrok-hosted endpoint, allowing attackers to hide behind trusted tunneling infrastructure that often bypasses traditional network filtering.
This combination of encryption and cloud tunneling reflects increasingly mature operational security practices among modern cybercriminal groups.
Developers Were the Real Target
Unlike traditional malware campaigns aimed at ordinary users, this operation specifically targeted software engineers.
Developers possess privileged access to source code repositories, deployment pipelines, cloud infrastructure, package registries, production environments, and internal secrets.
Compromising just one developer workstation can potentially expose an entire organization’s software ecosystem.
Modern attackers increasingly recognize that attacking software creators often produces far greater rewards than attacking software users.
Immediate Incident Response Is Critical
Organizations that installed packages such as:
paysafe-checkout
paysafe-sdk
skrill-payments
should immediately assume compromise until proven otherwise.
Security teams should:
Rotate every credential stored on affected systems.
Replace cloud authentication keys.
Regenerate GitHub and GitLab access tokens.
Rotate CI/CD secrets.
Replace npm publishing credentials.
Review recent deployment activity.
Inspect audit logs for unauthorized access.
Scan developer machines for persistence mechanisms.
Review package installation history.
Monitor outbound network connections.
Because stolen credentials may already have been used elsewhere, simply uninstalling the malicious package is not sufficient.
Indicators of Compromise (IOCs)
The following SHA-256 hashes have been associated with the campaign:
ce09810adca70ebec87bc455380ef629ceaa2a0d926149d9115604060167682c
b2ea8d69f6792a87327ffde2ee4551bb6b99617f53e1ba71bf9a70f45dbc57ea
8a70a5c1075f2dea4db94633ddc64b0d03d0385fdeda7c226acc944331febf43
Investigate these indicators only within controlled threat intelligence platforms or enterprise security environments.
Deep Analysis
Command Analysis: How the Attack Chain Worked
Developer
│
▼
Installs Fake SDK
│
▼
Package Executes Hidden Code
│
▼
Enumerates Environment Variables
│
▼
Filters Sensitive Credentials
(KEY / SECRET / TOKEN / PASS / API)
│
▼
Performs Sandbox Detection
│
▼
Decodes Hidden C2 Server
(XOR → Character Shift → Reverse String)
│
▼
Exfiltrates Credentials via Ngrok Tunnel
│
▼
Attacker Gains Cloud & Repository Access
Attack Commands and Techniques
Initial Access → Typosquatting malicious packages
Execution → Automatic package installation scripts
Discovery → Environment variable enumeration
Credential Access → Secret harvesting
Defense Evasion → Sandbox detection
Obfuscation → Multi-layer encrypted strings
Command and Control → Hidden Ngrok tunnel
Exfiltration → Stolen credentials sent to remote infrastructure
What Undercode Say:
This campaign represents another major evolution in software supply chain attacks. Instead of exploiting software vulnerabilities, attackers are exploiting developer behavior and trust. That shift is important because human habits are often easier to manipulate than hardened infrastructure.
The fake SDK strategy is especially effective because developers naturally expect SDKs to interact with APIs, load configuration files, and read environment variables. Those activities look completely normal during development, making malicious behavior extremely difficult to distinguish from legitimate operations.
Another notable characteristic is the simultaneous targeting of both npm and PyPI. This indicates planning, automation, and familiarity with multiple software ecosystems. It also suggests the attackers are interested in maximizing infection opportunities rather than focusing on a single programming language.
The malware authors also demonstrated operational maturity through layered obfuscation, sandbox awareness, and cloud-based command infrastructure. These are no longer techniques reserved for nation-state actors. Financially motivated cybercriminals increasingly employ enterprise-grade development practices.
Perhaps the most concerning aspect is that developers themselves are becoming the highest-value targets inside modern organizations. A single compromised workstation can provide attackers with cloud credentials, signing certificates, deployment secrets, production database access, and software publishing permissions.
Traditional endpoint protection is often insufficient because malicious packages execute as trusted code during normal development activities. This places greater importance on software composition analysis (SCA), dependency verification, package reputation scoring, cryptographic package signing, and behavioral monitoring.
Organizations should also implement least-privilege principles for developer credentials. Long-lived API keys stored in environment variables create attractive targets for automated malware. Short-lived tokens, hardware-backed authentication, and secret management platforms significantly reduce exposure.
Continuous dependency monitoring should become standard practice. Security teams must treat third-party libraries with the same scrutiny traditionally reserved for executable software.
The rapid detection of this campaign demonstrates that automated threat intelligence and package registry monitoring are improving. However, the speed of discovery should not create complacency. Attackers only need a brief window to compromise victims before malicious packages are removed.
Ultimately, this incident reinforces a simple reality: software supply chains are now frontline cyber battlefields. Trust must be continuously verified rather than automatically assumed.
✅ Security researchers did detect coordinated malicious packages targeting both npm and PyPI, demonstrating an active software supply chain campaign against developers.
✅ The
✅ The recommendation to rotate credentials immediately after exposure is consistent with modern incident response best practices because stolen secrets cannot be safely reused after compromise.
Prediction
(+1) Software registries will continue investing in AI-powered malware detection, publisher verification, and behavioral analysis to identify malicious packages within seconds of publication, significantly reducing attacker exposure windows.
(-1) Threat actors are likely to respond by creating increasingly realistic SDKs, compromising legitimate maintainer accounts, and using AI-generated code to bypass traditional signature-based detection, making future supply chain attacks even more convincing and difficult to identify.
🕵️📝Let’s dive deep and fact‑check.
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands
References:
Reported By: cyberpress.org
Extra Source Hub (Possible Sources for article):
https://www.quora.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon | 📺Youtube




