Listen to this Post
Malicious npm and Go Packages Secretly Deploy Cross-Platform Python Infostealer Targeting Developers
Introduction
The open-source software ecosystem has once again become the battleground for sophisticated cyberattacks targeting developers around the world. Security researchers have uncovered a highly advanced software supply chain campaign involving compromised npm and Go packages that secretly deploy a Python-based information stealer capable of infecting Windows, Linux, and macOS systems. Unlike traditional malware that relies on well-known installation hooks, this campaign introduces an innovative execution method designed to evade modern security protections while abusing trusted development environments such as Visual Studio Code.
The discovery demonstrates how attackers continue adapting their techniques to remain invisible inside software repositories that millions of developers depend on every day. Rather than exploiting operating system vulnerabilities, the attackers weaponized legitimate development workflows, making the malware significantly more difficult to detect before execution.
Supply Chain Attack Targets Popular Developer Ecosystems
Cybersecurity researchers identified two malicious npm packages that concealed an advanced multi-stage malware framework. The compromised packages included:
html-to-gutenberg
fetch-page-assets
The second package directly depended on the first, allowing attackers to extend the infection chain naturally through dependency installation.
Both packages were uploaded to npm on May 25, 2026, before eventually being removed after discovery.
Instead of relying on npm lifecycle scripts that many security tools monitor, the attackers engineered an entirely different execution mechanism that bypasses many traditional detection strategies.
Hidden VS Code Task Becomes the Initial Infection Vector
One of the most concerning aspects of the campaign is its abuse of Microsoft Visual Studio Code automation.
Inside the malicious package resides a hidden .vscode/tasks.json configuration containing an automatically executed task named eslint-check.
The task uses:
runOn: folderOpen
which instructs VS Code to execute automatically once a trusted project folder is opened.
This subtle approach avoids triggering many package scanning mechanisms because the malicious activity does not begin during installation. Instead, execution occurs later when the developer opens the project inside the IDE.
For unsuspecting developers, simply opening what appears to be a legitimate project can silently begin the compromise.
Malware Disguises JavaScript as Font Files
To further avoid suspicion, the attackers stored JavaScript payloads inside files masquerading as web fonts.
One example:
public/fonts/fa-solid-400.woff2
Although carrying the extension of a standard web font, the file actually contains executable JavaScript.
Disguising malicious code as static assets helps bypass manual inspection while blending naturally into countless web development projects.
Connection to North Korean Developer Campaigns
Researchers noted strong similarities between this attack and previous operations attributed to North Korean threat actors.
The techniques closely resemble the Fake Font campaign, itself considered part of the broader Contagious Interview operation that has been targeting software developers since 2023.
Previous campaigns relied on fake recruitment opportunities and fraudulent technical interviews to convince developers to download malicious coding projects.
This newly discovered campaign appears to evolve the same strategy by hiding malware directly inside software dependencies.
Blockchain Infrastructure Used as Malware Delivery Network
One of the
Instead of embedding attacker-controlled servers directly into the malware, the malicious JavaScript retrieves encrypted payloads from blockchain transaction metadata.
Researchers observed use of:
TronGrid
Aptos
These blockchain services function as resilient payload repositories.
Because blockchain data cannot easily be removed, the attackers gain a highly durable infrastructure that survives traditional takedown efforts.
The malware repeatedly queries blockchain records to obtain updated command-and-control addresses throughout the infection lifecycle.
Socket.io Backdoor Grants Full Remote Access
Once active, the malware establishes communication with attacker-controlled infrastructure using Socket.io.
The backdoor enables operators to remotely control infected systems through capabilities including:
Shell command execution
File uploads
File downloads
Process management
Clipboard harvesting
File system browsing
Arbitrary JavaScript execution
This transforms infected developer workstations into remotely managed endpoints under attacker control.
Python Loader Deploys Extensive Information Stealer
After establishing persistence, the malware downloads a Python-based credential stealer.
The loader installs required Python dependencies before retrieving the final payload from the command-and-control server.
The infostealer targets an exceptionally wide collection of sensitive information.
Among the stolen data are:
Browser passwords
Cookies
Saved sessions
Cryptocurrency wallets
Authentication tokens
Password managers
Multi-factor authentication databases
The malware supports both Chromium-based browsers and Mozilla Firefox.
Developers Become Primary Targets
Unlike ordinary information stealers focused on consumers, this campaign specifically hunts developer environments.
Collected artifacts include:
Git credentials
GitHub CLI configuration
GitHub Desktop logs
Visual Studio Code storage
Project metadata
Development tokens
Compromising developer credentials creates opportunities for attackers to infiltrate software repositories, CI/CD pipelines, and enterprise development infrastructure.
Operating System Credential Stores Are Also Harvested
The malware expands beyond browsers by targeting native credential storage across every major operating system.
Windows:
Credential Manager
Linux:
Secret Service
KDE Wallet
macOS:
Keychain
By extracting credentials directly from operating system vaults, attackers significantly increase the value of every infected machine.
Cloud Storage Services Become Additional Targets
Researchers also found modules capable of identifying cloud storage metadata associated with:
Dropbox
Google Drive
Microsoft OneDrive
Apple iCloud
Box
Mega
pCloud
Although metadata collection differs from complete cloud compromise, it provides valuable intelligence for future attacks.
Telegram Used for Data Exfiltration
After collecting information, the malware compresses stolen files into ZIP archives.
These archives are uploaded to attacker-controlled infrastructure.
If configured, the malware can also transmit stolen information directly to Telegram bots, providing attackers with an alternative communication channel that may bypass some network monitoring solutions.
Go Ecosystem Also Compromised
The campaign was not limited to npm.
Researchers additionally discovered sixteen compromised Go packages containing the same fake font technique and malware components.
Many of these repositories appeared completely legitimate until newer releases silently introduced malicious files alongside authentic project code.
This demonstrates how software supply chain attacks increasingly target multiple programming ecosystems simultaneously.
Immediate Defensive Measures
Organizations and developers should immediately:
Remove any affected packages.
Search all repositories for hidden .vscode/tasks.json files.
Review automatic VS Code tasks.
Rotate passwords and API keys.
Replace GitHub tokens.
Regenerate cloud credentials.
Reset cryptocurrency wallet secrets if exposure is suspected.
Audit development machines for unusual Socket.io communications.
Scan systems for unauthorized Python processes.
Rapid credential rotation remains one of the most important responses because attackers may already possess harvested authentication data.
Deep Analysis (Linux Commands)
Modern software supply chain attacks increasingly abuse trusted development workflows instead of exploiting software vulnerabilities directly. Developers should integrate security auditing into every stage of development.
Useful Linux commands for investigation include:
find . -name tasks.json
find . -name ".woff2"
grep -R runOn .
grep -R folderOpen .
grep -R eslint-check .
find ~/.config -type f
find . -name ".vscode"
grep -R socket.io .
ps aux | grep python
netstat -tunap
ss -tunap
lsof -i
find /tmp -type f
journalctl -xe
history
cat ~/.bash_history
find . -type f | grep github
find . -type f | grep token
sha256sum suspicious_file.js
file public/fonts/fa-solid-400.woff2
strings public/fonts/fa-solid-400.woff2
clamscan -r .
freshclam
python3 --version
pip list
pip freeze
find ~/ -name ".zip"
find ~/ -mtime -7
crontab -l
systemctl list-units
sudo ausearch -m EXECVE
sudo last
sudo lastlog
sudo find / -perm -4000
sudo rkhunter --check
sudo chkrootkit
tcpdump -i any
wireshark
curl -I suspicious-domain
openssl dgst -sha256 file
Routine auditing of developer environments should become standard practice. Organizations must inspect IDE configuration files, monitor repository changes, validate package integrity, and implement cryptographic verification of dependencies. Supply chain attacks increasingly exploit trust relationships rather than technical vulnerabilities, making developer awareness equally as important as endpoint protection.
What Undercode Say:
This campaign represents one of the clearest examples of how software supply chain attacks continue evolving beyond traditional malware delivery methods. Instead of exploiting operating system flaws, the attackers exploited developer trust, which is often the weakest point in modern software production.
The most significant innovation is the decision to completely bypass npm lifecycle scripts. Security products have spent years improving visibility around installation hooks, forcing attackers to search for alternative execution paths. Abusing VS Code automatic tasks is an elegant workaround because many organizations rarely inspect IDE configuration files.
The fake font technique also deserves attention. Developers expect thousands of font files, images, CSS assets, and JavaScript libraries inside projects. Hiding executable payloads inside files carrying harmless extensions dramatically lowers suspicion during code reviews.
Another major evolution is the use of blockchain infrastructure. Traditional command-and-control servers are vulnerable to takedowns, domain seizures, and blacklisting. Blockchain transactions provide attackers with an infrastructure layer that is decentralized, persistent, and extremely difficult to eliminate permanently.
The inclusion of Socket.io creates more than a simple information stealer. It transforms infected workstations into remotely controlled systems capable of interactive operations, allowing attackers to manually explore valuable environments after automated credential theft.
Equally concerning is the
Cross-platform compatibility also demonstrates careful engineering. Supporting Windows, Linux, and macOS greatly expands the number of potential victims while reducing development costs for attackers through Python’s portability.
The simultaneous targeting of npm and Go ecosystems suggests long-term planning rather than opportunistic malware distribution. Threat actors increasingly understand that compromising open-source ecosystems can yield exponentially greater returns than attacking individual organizations.
Security teams should begin monitoring IDE behaviors alongside endpoint detection logs. Configuration files, editor extensions, automated tasks, and repository metadata have become valuable attack surfaces.
Software composition analysis alone is no longer sufficient. Behavioral monitoring of development environments, strict dependency governance, cryptographic package verification, and zero-trust development pipelines will become increasingly necessary.
Future campaigns will likely extend these techniques to additional ecosystems including Rust Cargo, Python PyPI, Maven, NuGet, Composer, RubyGems, and container registries.
The broader lesson is that trusted developer tools themselves are becoming attractive attack vectors. Organizations that overlook developer workstations as high-value assets may remain vulnerable despite investing heavily in perimeter security.
✅ Security researchers genuinely identified malicious npm packages that deployed malware through hidden Visual Studio Code tasks rather than traditional npm lifecycle scripts.
✅ The malware targeted Windows, Linux, and macOS while harvesting browser credentials, developer artifacts, cryptocurrency wallets, and operating system credential stores before transmitting stolen data to remote infrastructure.
✅ Researchers also confirmed similar malicious payloads inside multiple Go packages, reinforcing concerns that software supply chain attacks are expanding across multiple programming ecosystems rather than remaining isolated to npm.
Prediction
(+1) Software registries will introduce stronger automated analysis for IDE configuration files, hidden development tasks, and package assets disguised as non-executable resources.
(-1) Threat actors will continue shifting toward trusted development environments, blockchain-based command infrastructure, and multi-language package ecosystems, making future software supply chain attacks increasingly difficult to detect before compromise.
▶️ Related Video (84% Match):
🕵️📝Let’s dive deep and fact‑check.
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands
References:
Reported By: thehackernews.com
Extra Source Hub (Possible Sources for article):
https://www.twitter.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon | 📺Youtube
