Listen to this Post
Introduction: A New Supply Chain Attack That Exploits Developer Trust
Software supply chain attacks continue to evolve, and developers have become one of the most valuable targets for cybercriminals. Rather than attacking organizations directly, threat actors increasingly infiltrate development environments by disguising malware as trusted software libraries. The latest campaign demonstrates just how dangerous this strategy has become. Security researchers have uncovered a coordinated operation involving fake packages published on both the Node Package Manager (npm) and the Python Package Index (PyPI). These malicious packages impersonate official Software Development Kits (SDKs) for Paysafe, Skrill, and Neteller, allowing attackers to steal valuable credentials, API keys, cloud secrets, and authentication tokens from unsuspecting developers.
The attack highlights an alarming trend in modern cybersecurity: developers can become victims simply by installing what appears to be a legitimate dependency. As organizations increasingly rely on open-source ecosystems, attacks like these remind us that every external package represents a potential security risk.
Malicious Packages Disguised as Trusted Payment SDKs
Researchers from Socket discovered a coordinated campaign involving 17 malicious packages published simultaneously across npm and PyPI. Every package was carefully named to resemble legitimate payment SDKs used by developers integrating Paysafe’s financial services into websites and applications.
The malicious packages included numerous names associated with Paysafe, Skrill, and Neteller, making them appear authentic during routine dependency searches. Because these payment platforms are widely used by e-commerce businesses, gaming platforms, travel companies, cryptocurrency exchanges, Forex trading services, and SaaS providers, the potential victim pool is extremely large.
Unlike obvious malware, these packages were designed to appear functional. They exposed the expected APIs developers would normally expect from legitimate SDKs, reducing suspicion during testing and integration.
Who Was Being Targeted?
The primary targets were software developers responsible for integrating online payment solutions into applications.
Organizations using Paysafe SDKs often handle highly sensitive financial transactions. Developers working on these systems frequently possess privileged credentials, cloud access tokens, production API keys, GitHub authentication tokens, AWS credentials, CI/CD secrets, and npm publishing tokens.
Compromising even one developer workstation could provide attackers with enough access to infiltrate an organization’s entire software infrastructure.
Rather than stealing payment information directly, the attackers focused on stealing the credentials that protect payment systems.
How the Fake SDKs Operated
The fake libraries behaved differently depending on the platform.
For npm, the attackers released four malicious versions ranging from 1.0.0 through 1.0.3. These packages activated their credential theft routines only when a Paysafe API key was detected, helping reduce unnecessary exposure and making the malware appear more selective.
The PyPI packages were even more aggressive. They required no Paysafe API key whatsoever. Simply importing or initializing the package automatically triggered the credential theft process.
Meanwhile, the fake SDKs returned successful responses to application calls, creating the illusion that payment operations were functioning correctly even though no communication occurred with Paysafe’s actual backend services.
This deception significantly increased the likelihood that developers would continue using the compromised libraries without immediately recognizing the problem.
Sensitive Information Stolen by the Malware
Once executed, the malware searched developer systems for valuable secrets.
The stolen information included:
Paysafe API keys
AWS access keys
GitHub authentication tokens
npm publishing tokens
Usernames
Hostnames
Passwords
API metadata
Environment variables
Additional authentication credentials
These secrets were then transmitted to a command-and-control server hosted on Amazon Web Services (AWS).
The information collected could enable attackers to compromise cloud environments, private repositories, deployment pipelines, and production payment systems.
Basic Yet Effective Anti-Analysis Techniques
Although technically simple compared to sophisticated nation-state malware, the campaign included basic defensive mechanisms to avoid detection.
Before executing malicious activity, the malware checked whether the system contained fewer than two CPU cores. It also examined usernames and hostnames for indicators commonly associated with virtual machines, malware sandboxes, or security researchers.
If these characteristics were detected, execution stopped immediately.
While these techniques are relatively basic, they remain surprisingly effective against automated malware analysis environments used by researchers and antivirus vendors.
Cross-Ecosystem Attack Expands the Threat
One of the most concerning aspects of this campaign is that the attackers simultaneously targeted both JavaScript and Python ecosystems.
Many organizations monitor only one package repository carefully, assuming their preferred language represents the primary risk.
By attacking npm and PyPI simultaneously, threat actors significantly increase their chances of compromising development environments while bypassing organizations that focus security monitoring on only one ecosystem.
Socket researchers warn that future campaigns may continue expanding across multiple programming languages and package repositories.
Immediate Response Recommendations
Organizations that installed any of the identified packages should assume compromise until proven otherwise.
Security teams should immediately rotate every credential stored or accessed by affected development systems, including API keys, cloud credentials, GitHub tokens, CI/CD secrets, npm publishing credentials, and any additional authentication tokens.
Dependency trees should be audited thoroughly to locate malicious packages, and registry proxy policies should block them entirely.
CI/CD logs should also be reviewed for any activity involving PAYSAFE_API_KEY combined with the identified package names.
Even if no suspicious activity has been observed, proactive credential rotation remains the safest response.
Deep Analysis
Command 1: Verify Every Dependency Before Installation
Developers often trust package names that resemble official vendors.
Modern attackers exploit this habit by publishing convincing look-alike libraries.
Dependency verification should become mandatory rather than optional.
Package popularity alone should never establish trust.
Command 2: Secure Development Pipelines
CI/CD environments frequently contain production credentials.
Attackers increasingly target build systems instead of production servers.
Every build environment should isolate secrets using dedicated vault technologies.
Least-privilege access dramatically limits damage.
Command 3: Continuously Monitor Open-Source Dependencies
Dependency monitoring should not stop after installation.
Organizations need continuous scanning capable of identifying malicious package updates.
Supply-chain monitoring should include npm, PyPI, Maven, NuGet, Cargo, RubyGems, and additional ecosystems.
Command 4: Rotate Secrets Automatically
Manual credential rotation is often delayed.
Automated secret rotation minimizes exposure after compromise.
Organizations should design systems assuming credentials will eventually leak.
Automation reduces recovery time significantly.
Command 5: Improve Developer Security Awareness
Developers remain one of
Regular education about typosquatting, dependency confusion, fake SDKs, and software supply-chain attacks can prevent successful compromises.
Security training must evolve alongside modern attack techniques.
What Undercode Say:
The discovery of these fake Paysafe SDKs is another reminder that software supply-chain attacks are no longer isolated incidents—they have become a preferred tactic for cybercriminals targeting enterprises. Instead of attacking hardened production environments, attackers now infiltrate organizations through the developers building them.
What makes this campaign particularly dangerous is its credibility. The package names mimic trusted payment SDKs, their APIs behave as expected, and developers may never suspect anything unusual during initial testing. This level of deception reflects a growing understanding of developer workflows.
Another significant concern is the simultaneous targeting of both npm and PyPI. This demonstrates operational planning rather than opportunistic abuse. Threat actors understand that modern organizations rarely rely on a single programming language, making multi-ecosystem attacks increasingly effective.
The malware itself is technically straightforward, but simplicity should not be mistaken for weakness. Credential theft remains one of the fastest paths toward cloud compromise, source code theft, ransomware deployment, and supply-chain infiltration.
Cloud credentials, GitHub tokens, CI/CD secrets, and package publishing credentials represent extremely valuable assets. Compromising these can enable attackers to poison future software releases, distribute malware to thousands of downstream users, or gain persistent access to enterprise infrastructure.
Organizations should stop assuming that package repositories automatically guarantee trust. Open-source ecosystems thrive because of community contributions, but that openness also creates opportunities for malicious publishers.
This incident also reinforces the importance of Software Bill of Materials (SBOM), automated dependency scanning, package reputation analysis, and developer-focused security programs. Security must shift further left into the development lifecycle rather than relying solely on endpoint protection after deployment.
As software ecosystems continue growing, attackers will likely automate malicious package creation using artificial intelligence, enabling them to launch hundreds or even thousands of convincing fake libraries within hours.
The future of software security depends not only on protecting production systems but on securing every dependency, every developer workstation, every build pipeline, and every package update before it enters production.
Organizations that fail to modernize their software supply-chain defenses will increasingly become victims of attacks that begin with a single seemingly harmless dependency.
✅ Fact: Security researchers identified multiple malicious packages published across both npm and PyPI that impersonated Paysafe-related SDKs and were designed to steal developer credentials.
✅ Fact: The malware targeted valuable secrets including API keys, AWS credentials, GitHub tokens, npm tokens, and other authentication data, making developer environments the primary focus of the campaign.
✅ Fact: The recommended response includes immediately removing the malicious packages, rotating all potentially exposed credentials, auditing dependency trees, and reviewing CI/CD logs for indicators of compromise.
Prediction
(+1) Security platforms will increasingly integrate AI-powered package reputation analysis, real-time dependency verification, and automated supply-chain monitoring to detect malicious libraries before developers install them.
(-1) Threat actors are likely to expand beyond npm and PyPI, launching coordinated campaigns across additional package repositories while using AI to generate increasingly convincing fake SDKs, making software supply-chain attacks more frequent and more difficult to detect.
🕵️📝Let’s dive deep and fact‑check.
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands
References:
Reported By: www.bleepingcomputer.com
Extra Source Hub (Possible Sources for article):
https://www.quora.com/topic/Technology
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon | 📺Youtube



