IndonesianFoods Worm: The Massive Spam Campaign That Infiltrated npm

Listen to this Post

Featured Image
The npm ecosystem, a cornerstone of JavaScript development, recently revealed a startling security threat. Security researcher Paul McCarty uncovered an unprecedented spam operation, now dubbed the “IndonesianFoods worm,” which injected over 43,000 malicious packages into the npm registry over nearly two years. Exploiting at least 11 attacker-controlled accounts, this campaign quietly manipulated the system, accounting for more than 1% of the entire npm ecosystem, all while evading conventional automated security tools. This discovery exposes a sophisticated method of exploiting package management systems, demonstrating both the ingenuity and persistence of modern attackers.

The IndonesianFoods Campaign: How It Worked

The IndonesianFoods worm was cleverly disguised. Its package names combined common Indonesian personal names like “andi,” “budi,” or “zul” with popular foods such as “rendang,” “sate,” and “tapai,” followed by random numbers and suffixes like “-kyuki” or “-breki.” Each package appeared legitimate, mimicking standard Next.js projects, including professional documentation, React dependencies, and configuration files, effectively camouflaging its malicious purpose.

The true danger lay dormant in scripts named auto.js or publishScript.js, which remained unreferenced in package installations. These scripts, when manually executed, initiated an automated cycle of publishing new packages every 7–10 seconds. Each cycle removed “private”: true flags, randomized version numbers to bypass npm duplication checks, and published fresh packages under Indonesian-themed names. This resulted in a staggering output of 12 packages per minute, or 17,000 per day, suggesting coordinated activity across multiple accounts or script instances.

The worm also propagated through dependency chains, referencing numerous other malicious packages within package.json files. A single infected package could recursively pull in over 100 spam packages, amplifying the registry’s bandwidth load and complicating removal efforts.

Monetization and Cryptocurrency Exploitation

Beyond spam, the campaign revealed a monetization strategy using the TEA protocol, a blockchain-based open-source reward system. Several packages contained tea.yaml files that linked to multiple TEA accounts, inflating the attackers’ contribution scores to earn undeserved cryptocurrency rewards. Some package READMEs even boasted about TEA token earnings. Evidence suggests at least one maintainer may be an Indonesian software engineer, aligning with the campaign’s regional theme.

This layering of spam and financial exploitation highlights the evolving sophistication of supply chain attacks. What began as a flood of junk packages transformed into a system leveraging blockchain incentives, underscoring how attackers exploit both ecosystem trust and financial mechanisms.

Implications for the npm Ecosystem

Despite the attack being described publicly in April 2024, it had evaded detection for nearly two years, revealing critical gaps in installation-time security scans. Because the scripts remained dormant until manually triggered, automated tools deemed the packages benign.

npm registry operators are now considering tighter rate limiting, improved bulk spam detection, and stronger account verification. Organizations are advised to audit dependencies for packages linked to known malicious accounts such as voinza and yunina. Enhancements in security scanning should target suspicious package clusters, recursive dependencies, and misuse of systems like TEA.

The IndonesianFoods worm demonstrates a shift in supply chain attacks, emphasizing volume, persistence, and ecosystem manipulation over traditional exploit code. Thousands of spam packages now pollute registry indexes, challenging the integrity of the JavaScript ecosystem and highlighting the need for proactive, ecosystem-wide defenses.

What Undercode Say:

The IndonesianFoods worm is a textbook example of modern supply chain attacks blending obfuscation, automation, and financial exploitation. The attackers exploited trust within npm, using familiar naming conventions and legitimate-looking project structures to bypass standard detection. By embedding dormant scripts, they avoided automated scanners that focus on lifecycle hooks or installation-time execution.

The worm’s propagation through dependency chains is particularly concerning. Recursive dependencies amplify impact exponentially, allowing a single compromised package to introduce hundreds of malicious packages into projects. This method complicates detection, removal, and remediation, especially for organizations relying heavily on third-party libraries.

The integration of TEA protocol manipulation indicates attackers are not just aiming to disrupt, but also to monetize at scale. This convergence of spam and cryptocurrency abuse could signal a new trend in supply chain threats where financial incentives accelerate malicious campaigns.

From a defensive standpoint, current security frameworks are insufficient. Traditional static analysis fails against dormant scripts, and behavioral scanning often overlooks packages that only activate malicious behavior manually. This calls for layered approaches: continuous dependency auditing, anomaly detection in package publishing patterns, and monitoring of blockchain-linked reward systems within open-source ecosystems.

The regional indicators—Indonesian names and food motifs—suggest a cultural or geographic operational footprint. While this may be coincidental, profiling attackers based on metadata patterns can help in anticipating future campaigns and deploying targeted countermeasures.

Cleanup is a monumental task. Removing thousands of interconnected spam packages from npm requires coordinated registry updates, blocklists, and automated detection tools capable of evaluating entire dependency graphs. The campaign’s sophistication shows attackers are prioritizing scale, speed, and invisibility, redefining how software supply chain attacks are approached.

This attack is a warning: the era of low-volume, exploit-focused attacks is giving way to high-volume, automated, financially motivated campaigns. Ecosystem trust is fragile, and without proactive defense strategies, similar campaigns could easily replicate in other package ecosystems, including PyPI, RubyGems, and Maven.

Fact Checker Results:

✅ Over 43,000 spam packages were published in npm over two years.

✅ Campaign used dormant scripts to bypass automated detection.

❌ Automated security scanners did not detect these packages during installation.

Prediction:

📊 Expect a surge in automated detection tools that analyze publishing patterns rather than just code behavior.
📊 Supply chain attacks may increasingly combine spam campaigns with financial incentives like cryptocurrency rewards.
📊 Other package ecosystems are likely to experience similar worm-like campaigns if proactive defenses are not implemented.

🕵️‍📝✔️Let’s dive deep and fact‑check.

References:

Reported By: cyberpress.org
Extra Source Hub (Possible Sources for article):
https://www.medium.com
Wikipedia
OpenAi & Undercode AI

Image Source:

Unsplash
Undercode AI DI v2
Bing

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeNews & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon