Cyber Trap on npm: Ten Malicious Packages Steal Data Across Windows, Linux, and macOS

Listen to this Post

Featured Image

A Hidden Attack That Slipped Through npm’s Defenses

In a shocking cybersecurity incident, ten malicious npm packages—disguised as popular open-source tools—have been caught siphoning sensitive data from developers worldwide. The attack, uncovered by researchers at Socket, reveals how threat actors manipulated trust in open-source ecosystems, leaving thousands of developers vulnerable to data theft on Windows, macOS, and Linux systems.

For months, the packages remained undetected, concealed under layers of advanced obfuscation designed to bypass static analysis and security scanners. With over 10,000 downloads recorded, these deceptive uploads silently stole browser credentials, authentication tokens, and even SSH keys. Despite being reported, some of the infected packages still remain active on npm’s registry.

The Full Breakdown: How the Attack Worked

On July 4, ten packages were uploaded to the npm registry under misleading names that mimicked real, legitimate libraries. The fake packages included:

typescriptjs

deezcord.js

dizcordjs

dezcord.js

etherdjs

ethesjs

ethetsjs

nodemonjs

react-router-dom.js

zustand.js

Each of these names mirrored popular software such as TypeScript, Discord.js, Ethers.js, Nodemon, React Router DOM, and Zustand—a classic example of typosquatting, where cybercriminals exploit small misspellings to deceive developers.

Once installed, a post-installation script ran automatically, launching a hidden terminal session that matched the user’s operating system. The malware then executed a secondary script named app.js, which was the real weapon. Behind the scenes, this script unleashed four layers of obfuscation:

A self-decoding eval wrapper to hide the main code.

XOR encryption using dynamically generated keys.

URL-encoded payloads that changed on each execution.

Deep control-flow confusion to obscure logic from analysis.

To appear legitimate, the script even displayed a fake CAPTCHA in ASCII format within the terminal window. This small psychological trick gave developers the illusion that the installation was secure—while in reality, the malware was silently stealing data.

Once the fake CAPTCHA ran, the script sent the victim’s geolocation and system fingerprint to a remote Command & Control (C2) server. Then, it downloaded a massive 24MB information stealer built with PyInstaller, adapting automatically to Windows, macOS, or Linux environments.

The malware’s primary targets were:

System keyrings like Windows Credential Manager, macOS Keychain, and Linux SecretService.

Browser data, including saved passwords and session cookies from Chromium and Firefox.

SSH keys, OAuth credentials, JWTs, and API tokens stored on the machine.

All stolen data was compressed and temporarily staged in /var/tmp or /usr/tmp before being exfiltrated to the attacker’s server at 195[.]133[.]79[.]43.

Cybersecurity experts warned that developers who used these packages should assume full compromise. The advice is to remove the infected libraries immediately, rotate all credentials, and review systems for signs of intrusion.

This incident once again highlights the fragility of trust in open-source supply chains. A single misspelling in an npm command can turn a routine update into a catastrophic breach.

What Undercode Say:

This npm attack exposes a critical weakness in the open-source ecosystem—developer trust. The modern coding environment thrives on community-built tools, but that same openness invites exploitation. Every dependency added to a project becomes a potential backdoor if unchecked.

From a behavioral perspective, the attackers exploited developer psychology. The fake CAPTCHA wasn’t just a gimmick—it was a confidence trap. Developers associate CAPTCHAs with security, so seeing one during installation likely reduced suspicion. It’s a reminder that cybercrime is as much psychological warfare as it is technical deception.

Technically, the use of multi-layer obfuscation signals professional-level engineering. Each encryption layer, from XOR keys to URL encoding, was crafted to defeat automated detection and slow down manual analysis. The attackers likely tested their payloads against static and dynamic scanners, ensuring a long period of undetected operation.

The campaign’s sophistication also lies in its timing and choice of targets. By releasing the malicious packages on July 4—a U.S. holiday—many organizations had limited security staff monitoring for new uploads. This allowed the malware to spread quietly during a period of reduced vigilance.

The packages were strategically chosen too. Each fake version targeted a highly popular library used across thousands of projects. Tools like Nodemon, Ethers.js, and React Router DOM are staples in the JavaScript ecosystem. A single compromised dependency here can cascade into dozens of affected downstream projects, especially in CI/CD environments where dependencies install automatically.

Another concerning factor is npm’s slow response time. Despite being alerted, the infected packages reportedly remain online. This delay reflects a recurring issue in large registries: balancing openness with security enforcement. Unlike app stores, open-source repositories lack centralized vetting, and automated systems struggle to distinguish between legitimate code and malicious clones.

For organizations, the takeaway is clear—dependency trust must be verified continuously, not assumed. Security teams should implement:

Dependency monitoring tools like Socket or Snyk to flag suspicious uploads.

Lockfiles to freeze dependency versions, reducing exposure to malicious updates.

Manual review policies for new or rarely used packages.

From an ethical standpoint, this incident underscores the growing responsibility of package maintainers. Developers are no longer just coders—they are gatekeepers of the software supply chain. The shift to remote and AI-assisted coding has amplified automation, but it’s also made human verification rarer.

The npm breach reminds us that the open-source revolution, while powerful, is built on fragile foundations. Transparency and collaboration empower innovation—but without accountability, they can also empower attackers.

In a world increasingly defined by shared code, the question is no longer if an attack like this will happen again, but when and where it will strike next.

🔍 Fact Checker Results

✅ The ten packages were confirmed by Socket researchers as active malware.
✅ The information stealer was indeed packaged with PyInstaller and targeted multiple OS platforms.
❌ Some reports claiming all packages were removed are incorrect—several remain online.

📊 Prediction

🧠 The Next Wave of npm Attacks

Over the next year, expect a surge in AI-assisted typosquatting campaigns as threat actors automate the creation of convincing clones. Developers will face growing risks from code supply chain poisoning, especially within decentralized registries like npm and PyPI.

🚨 Likely Outcome: npm will adopt stricter upload verification and package provenance checks, possibly integrating blockchain-style validation for authenticity. However, human oversight will remain the ultimate defense—because even the most advanced scanner can’t detect a misspelled name typed by a tired developer.

🕵️‍📝✔️Let’s dive deep and fact‑check.

References:

Reported By: www.bleepingcomputer.com
Extra Source Hub (Possible Sources for article):
https://www.stackexchange.com
Wikipedia
OpenAi & Undercode AI

Image Source:

Unsplash
Undercode AI DI v2
Bing

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeNews & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon