North Korean PolinRider Campaign Expands Software Supply Chain Attacks Through GitHub, npm, Go, and Chrome Extensions + Video

Introduction

Software supply chain attacks have become one of the most dangerous cybersecurity threats facing developers and organizations worldwide. Instead of attacking victims directly, threat actors increasingly target the trusted tools, packages, and repositories developers rely on every day. A newly expanded campaign linked to North Korean threat actors demonstrates how sophisticated these operations have become, blending compromised maintainer accounts, malicious open-source packages, developer tooling abuse, and stealth techniques that are difficult to detect.

Security researchers have now uncovered a large-scale operation known as PolinRider, an extension of the long-running Contagious Interview campaign. The operation shows how attackers continue evolving their tactics by abusing GitHub repositories, package registries, Visual Studio Code automation, and blockchain infrastructure to distribute malware while remaining hidden inside legitimate development environments.

Summary

Researchers have identified an extensive malware campaign associated with North Korean threat actors that has published 108 unique malicious packages and browser extensions, resulting in 162 malicious release artifacts across several software ecosystems. The operation targets developers through compromised repositories, poisoned software packages, malicious VS Code task files, and hidden JavaScript loaders capable of deploying advanced malware families including BeaverTail, DEVPOPPER RAT, and OmniStealer.

The campaign continues to evolve by abusing trusted open-source ecosystems, making detection increasingly difficult even for experienced developers.

PolinRider Marks a Major Evolution in Supply Chain Attacks

Security researchers from Socket discovered that the PolinRider campaign remains highly active and continues expanding across multiple software ecosystems.

The malicious releases include:

19 npm packages

10 Composer (Packagist) packages

61 Go modules

One malicious Google Chrome extension

Rather than creating obviously malicious repositories, attackers compromise legitimate maintainer accounts or obtain publishing rights, allowing them to distribute infected versions through trusted software registries.

This strategy significantly increases the likelihood that developers unknowingly install malicious packages during routine software development.

Contagious Interview Continues Targeting Developers

The broader operation is linked to the infamous Contagious Interview campaign, a North Korean cyber espionage effort active since at least 2023.

Unlike conventional phishing campaigns, these attackers invest considerable effort into building credibility before launching their attacks.

Victims are approached through:

LinkedIn

GitHub

Freelancing platforms

Professional developer communities

Threat actors frequently impersonate recruiters from cryptocurrency companies or technology startups, offering attractive employment opportunities that eventually require candidates to execute “technical assessments” containing malicious code.

To enhance their credibility, attackers create convincing fake companies, complete with websites, AI-generated employee profiles, and polished recruitment processes.

GitHub Repositories Become Malware Distribution Platforms

OpenSourceMalware researchers initially detected PolinRider in March 2026 after observing attackers injecting heavily obfuscated JavaScript payloads into hundreds of public GitHub repositories.

The malicious code ultimately delivers a newer version of BeaverTail, a malware family already associated with previous Contagious Interview operations.

The scale of repository compromise is alarming.

By April 11, 2026:

1,951 public GitHub repositories had been compromised.

Those repositories belonged to 1,047 different owners.

The widespread nature of these compromises illustrates how software supply chain attacks can spread across thousands of downstream projects without immediate detection.

TaskJacker Integration Increases Infection Opportunities

Researchers also discovered that PolinRider has merged techniques from another threat cluster known as TaskJacker.

Instead of relying solely on malicious packages, attackers now insert malicious VS Code task files into legitimate repositories.

These files leverage the following configuration:

"runOn": "folderOpen"

This setting causes arbitrary code execution immediately after a developer opens the project inside Visual Studio Code or compatible editors such as Cursor.

Because developers routinely clone repositories and open projects without inspecting task configurations, this technique creates an effective infection vector that requires minimal user interaction.
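As an added example (not code from the original article or from the researchers it cites), the following Python script scans a cloned repository for .vscode/tasks.json files that declare "runOn": "folderOpen". The sample tasks.json is constructed, its labels and script path are hypothetical, and the file is parsed as JSONC (comments and trailing commas allowed) because that is what VS Code accepts and what a strict JSON parser would reject, causing a naive scanner to skip exactly the file it should inspect.

```python
import json
from pathlib import Path

# Constructed sample of a .vscode/tasks.json carrying an auto-run task of the
# kind described above. Labels and the script path are hypothetical and the
# command is an inert placeholder, not a payload.
SAMPLE_TASKS_JSON = r'''{
    // Comments are legal in tasks.json (VS Code reads it as JSONC).
    "version": "2.0.0",
    "tasks": [
        {
            "label": "build",
            "type": "shell",
            "command": "npm run build",
        },
        {
            "label": "prepare",
            "type": "shell",
            "command": "node ./scripts/setup.js",  /* hypothetical path */
            "runOptions": { "runOn": "folderOpen" },
        },
    ],
}'''

# Same shape without any auto-run task, for comparison.
BENIGN_TASKS_JSON = '{"version": "2.0.0", "tasks": [{"label": "test", "type": "shell", "command": "npm test"}]}'


def strip_jsonc(text: str) -> str:
    """Turn JSONC into strict JSON: drop // and /* */ comments and trailing
    commas while leaving string contents (e.g. URLs containing //) intact."""
    out: list[str] = []
    i, n, in_str = 0, len(text), False
    while i < n:
        c = text[i]
        if in_str:
            out.append(c)
            if c == "\\" and i + 1 < n:      # keep the escaped character verbatim
                out.append(text[i + 1])
                i += 2
                continue
            if c == '"':
                in_str = False
            i += 1
        elif c == '"':
            in_str = True
            out.append(c)
            i += 1
        elif text.startswith("//", i):
            j = text.find("\n", i)
            i = n if j == -1 else j
        elif text.startswith("/*", i):
            j = text.find("*/", i + 2)
            i = n if j == -1 else j + 2
        elif c in "}]":
            # A trailing comma is a comma followed only by whitespace before
            # this bracket (comments were never emitted, so they do not count).
            k = len(out) - 1
            while k >= 0 and out[k] in " \t\r\n":
                k -= 1
            if k >= 0 and out[k] == ",":
                del out[k]
            out.append(c)
            i += 1
        else:
            out.append(c)
            i += 1
    return "".join(out)


def parse_jsonc(text: str):
    return json.loads(strip_jsonc(text))


def find_auto_run_tasks(text: str) -> list[dict]:
    """Return every task whose runOptions.runOn is "folderOpen", i.e. a task
    the editor starts on its own as soon as the folder is opened."""
    data = parse_jsonc(text)
    flagged = []
    for task in data.get("tasks", []):
        if (task.get("runOptions") or {}).get("runOn") == "folderOpen":
            flagged.append({
                "label": task.get("label"),
                "type": task.get("type"),
                "command": task.get("command"),
                "args": task.get("args", []),
            })
    return flagged


def scan_checkout(root: Path) -> dict[str, list[dict]]:
    """Walk a cloned repository and report each .vscode/tasks.json holding
    auto-run tasks; an unparseable file is reported too, since it still
    deserves a manual look."""
    report: dict[str, list[dict]] = {}
    for path in root.rglob("tasks.json"):
        if path.parent.name != ".vscode":
            continue
        try:
            hits = find_auto_run_tasks(path.read_text(encoding="utf-8", errors="replace"))
        except (json.JSONDecodeError, AttributeError) as exc:
            hits = [{"label": None, "type": None, "command": f"UNPARSEABLE: {exc}", "args": []}]
        if hits:
            report[str(path)] = hits
    return report


if __name__ == "__main__":
    import sys
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else Path(".")
    for file, tasks in scan_checkout(target).items():
        for t in tasks:
            print(f"{file}: auto-run task {t['label']!r} -> {t['command']} {' '.join(map(str, t['args']))}")
```

Run it against a fresh clone before the folder is opened in an editor. A hit is not proof of malice, since some projects use folderOpen tasks for benign setup, but the task's command should be read before the folder is opened. VS Code additionally gates automatic tasks behind Workspace Trust and the task.allowAutomaticTasks setting, so opening unfamiliar repositories in Restricted Mode removes this vector regardless of what the scan finds.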

Maintainer Accounts Are the Primary Target

Investigators believe the attackers are generally not stealing GitHub credentials directly.

Instead, they compromise trusted maintainer accounts through alternative recovery mechanisms, including:

Expired domain takeovers

Account recovery abuse

Registry ownership transfers

Legacy maintainer access

Once attackers obtain publishing permissions, they distribute infected releases while preserving the appearance of legitimacy.

This method bypasses many traditional software supply chain defenses because package signatures and publishing histories often appear authentic.

Malware Quietly Modifies Developer Projects

Once executed, the malware searches development environments for common JavaScript configuration files including:

postcss.config.mjs

tailwind.config.js

eslint.config.mjs

next.config.mjs

babel.config.js

app.js

If these files exist, the malware silently appends malicious JavaScript payloads.

Rather than creating entirely new files, modifying existing project configurations helps conceal malicious code within legitimate development workflows.
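An added example (not part of the original article) of checking the configuration files named above for appended payloads, in Python. Both the clean and the injected config are constructed; the appended line is built from a hash digest so that it has the length, entropy and obfuscator-style identifiers of a real injection while doing nothing. The heuristics (dynamic-code markers, _0x-style identifiers, long high-entropy lines) are assumptions about what such an appended block looks like, not signatures taken from the campaign.

```python
import base64
import hashlib
import math
import re
from collections import Counter
from pathlib import Path

# Files the report lists as targets for appended payloads.
CONFIG_FILES = (
    "postcss.config.mjs", "tailwind.config.js", "eslint.config.mjs",
    "next.config.mjs", "babel.config.js", "app.js",
)

# Constructed sample: an ordinary tailwind config, then the same file with one
# long obfuscated-looking line appended. The blob is a base64 hash digest and
# the line is inert; it only reproduces the shape a scanner has to recognise.
CLEAN_CONFIG = """/** @type {import('tailwindcss').Config} */
module.exports = {
  content: ["./src/**/*.{js,jsx,ts,tsx}"],
  theme: { extend: {} },
  plugins: [],
};
"""
_FAKE_BLOB = base64.b64encode(hashlib.sha512(b"constructed sample").digest() * 2).decode()
INJECTED_CONFIG = CLEAN_CONFIG + (
    "(function(){var _0x4f2a=['" + _FAKE_BLOB + "'];"
    "new Function(atob(_0x4f2a[0]))();})();\n"
)

# Markers of dynamic code loading that have no business in a build config.
DYNAMIC_CODE = re.compile(
    r"\b(eval|Function|atob|unescape)\s*\(|fromCharCode|child_process|require\(['\"]https?['\"]\)"
)
OBFUSCATOR_IDENT = re.compile(r"_0x[0-9a-f]{3,}")   # javascript-obfuscator style names
LONG_LINE = 200
HIGH_ENTROPY = 4.5   # bits per character; minified code rarely exceeds this


def shannon_entropy(s: str) -> float:
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def suspicious_lines(text: str, tail: int = 20) -> list[tuple[int, list[str]]]:
    """Inspect the last `tail` lines of a config file (where an appender writes)
    and return (line_number, reasons) for every line that looks injected."""
    lines = text.splitlines()
    hits = []
    for idx in range(max(0, len(lines) - tail), len(lines)):
        line = lines[idx]
        reasons = []
        if DYNAMIC_CODE.search(line):
            reasons.append("dynamic-code-marker")
        if OBFUSCATOR_IDENT.search(line):
            reasons.append("obfuscator-identifier")
        if len(line) > LONG_LINE and shannon_entropy(line) > HIGH_ENTROPY:
            reasons.append("long-high-entropy-line")
        if reasons:
            hits.append((idx + 1, reasons))
    return hits


def scan_project(root: Path) -> dict[str, list[tuple[int, list[str]]]]:
    """Check every known config file under `root`, skipping node_modules."""
    report: dict[str, list[tuple[int, list[str]]]] = {}
    for path in root.rglob("*"):
        if path.name not in CONFIG_FILES or "node_modules" in path.parts or not path.is_file():
            continue
        hits = suspicious_lines(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(path)] = hits
    return report


if __name__ == "__main__":
    import sys
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else Path(".")
    for file, hits in scan_project(target).items():
        for lineno, reasons in hits:
            print(f"{file}:{lineno}: {', '.join(reasons)}")
```

The scan only raises leads; confirm a hit by diffing the file against the version in the registry tarball or a known-good commit, bearing in mind that the injected content may have been committed by the attacker as well, so the working tree matching HEAD proves nothing on its own.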

Git History Manipulation Makes Detection Difficult

One of the

On Windows systems, attackers utilize batch scripts that modify commit metadata, making malicious changes appear to have originated from the repository’s legitimate maintainer.

Researchers believe similar techniques exist for Linux and macOS.

Additional stealth techniques include:

Force-pushed commits

Artificially backdated commits

Manipulated commit authors

Altered repository timelines

These methods undermine one of
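An added example (not from the article or the cited researchers) of auditing commit metadata for the kinds of manipulation described above, in Python. It parses git log output produced with a fixed field format; the four-commit history is constructed, with maintainer@example.invalid as the hypothetical trusted maintainer and ci@example.invalid as an unknown committer. The thresholds and the three anomaly classes are assumptions about what rewritten history looks like, not findings from the campaign.

```python
import subprocess
from dataclasses import dataclass
from datetime import timedelta

# git log format: fields split by the ASCII unit separator (0x1f) so names
# containing spaces or commas parse unambiguously.
LOG_FORMAT = "%H%x1f%an%x1f%ae%x1f%at%x1f%cn%x1f%ce%x1f%ct"


@dataclass
class Commit:
    sha: str
    author_name: str
    author_email: str
    author_ts: int
    committer_name: str
    committer_email: str
    committer_ts: int


def parse_log(text: str) -> list[Commit]:
    """Parse `git log --format=LOG_FORMAT` output (newest commit first)."""
    commits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = line.split("\x1f")
        if len(parts) != 7:
            raise ValueError(f"unexpected git log line: {line!r}")
        sha, an, ae, at, cn, ce, ct = parts
        commits.append(Commit(sha, an, ae, int(at), cn, ce, int(ct)))
    return commits


def read_log(repo: str, rev: str = "HEAD") -> list[Commit]:
    """Run git on a real checkout; --first-parent keeps the timeline linear."""
    proc = subprocess.run(
        ["git", "-C", repo, "log", "--first-parent", f"--format={LOG_FORMAT}", rev],
        check=True, capture_output=True, text=True,
    )
    return parse_log(proc.stdout)


def find_anomalies(commits: list[Commit], trusted_emails, max_skew=timedelta(days=2)) -> dict[str, list[str]]:
    """Flag commits whose metadata is inconsistent with an organically grown history:
    - untrusted-committer: committer identity outside the maintainer allowlist
    - author-committer-skew: author date far older than committer date, which is
      what backdating via --date or GIT_AUTHOR_DATE alone produces (also seen
      on rebased old work, so it is a lead, not proof)
    - timeline-regression: committer date older than the parent's, i.e. both
      dates were rewritten so the commit blends into earlier history
    """
    trusted = {e.lower() for e in trusted_emails}
    skew = int(max_skew.total_seconds())
    findings: dict[str, list[str]] = {}
    for i, c in enumerate(commits):
        reasons = []
        if c.committer_email.lower() not in trusted:
            reasons.append("untrusted-committer")
        if c.committer_ts - c.author_ts > skew:
            reasons.append("author-committer-skew")
        if i + 1 < len(commits) and c.committer_ts < commits[i + 1].committer_ts:
            reasons.append("timeline-regression")
        if reasons:
            findings[c.sha] = reasons
    return findings


# Constructed history, newest first. Commit 3 has author and committer dates
# rewritten to sit between commits 1 and 2; commit 4 was authored with a
# backdated author date and committed by an identity nobody vouched for.
_M = "Maintainer\x1fmaintainer@example.invalid"
SAMPLE_LOG = "\n".join([
    "4" * 40 + f"\x1f{_M}\x1f1696000000\x1fci-bot\x1fci@example.invalid\x1f1696500000",
    "3" * 40 + f"\x1f{_M}\x1f1692000000\x1f{_M}\x1f1692000000",
    "2" * 40 + f"\x1f{_M}\x1f1695000000\x1f{_M}\x1f1695000000",
    "1" * 40 + f"\x1f{_M}\x1f1690000000\x1f{_M}\x1f1690000000",
])

if __name__ == "__main__":
    import sys
    commits = read_log(sys.argv[1]) if len(sys.argv) > 1 else parse_log(SAMPLE_LOG)
    for sha, reasons in find_anomalies(commits, {"maintainer@example.invalid"}).items():
        print(f"{sha[:12]}: {', '.join(reasons)}")
```

Because every field here is under the committer's control, a clean result proves nothing; the checks only surface commits worth reading. Commit signatures (git log --show-signature) and the registry's own release history are the stronger evidence, since neither can be rewritten with a batch script that edits dates and author strings.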

Blockchain Infrastructure Becomes Malware Command Channel

The newest PolinRider variant introduces another significant evolution.

Instead of contacting traditional command-and-control servers, the malware communicates with blockchain-related infrastructure, including:

TRON services

Aptos services

BNB Smart Chain infrastructure

These platforms deliver encrypted second-stage payloads that ultimately install:

DEVPOPPER RAT

OmniStealer

Using decentralized blockchain infrastructure complicates detection and disruption because defenders cannot simply block a single malicious server.

Additional Malicious Packages Continue Appearing

Researchers from JFrog recently identified additional npm packages connected to the Contagious Interview campaign.

Some of these packages disguised themselves as legitimate Rollup polyfill utilities while secretly enabling:

Remote access

Credential theft

Data exfiltration

Other recently discovered npm and Go packages employed the same VS Code auto-run mechanism previously associated with TaskJacker and Fake Font campaigns.

The overlapping techniques strongly suggest coordinated development among multiple malware clusters operated by the same threat ecosystem.

Recommended Defensive Actions

Organizations and developers who installed any affected packages should immediately assume compromise.

Security experts recommend:

Rotating all exposed credentials from a clean device.

Removing compromised package versions.

Rebuilding projects from trusted lockfiles.

Auditing repositories for unauthorized commits.

Inspecting .vscode/tasks.json files.

Reviewing configuration files for unauthorized JavaScript injections.

Examining package release histories instead of relying solely on visible Git commits.

Monitoring developer workstations for persistence mechanisms.

Early incident response remains critical because compromised developer environments often provide attackers access to production infrastructure, cloud credentials, and proprietary source code.

What Undercode Says:

The PolinRider operation demonstrates a clear shift in modern cyber warfare. Instead of focusing on end users, attackers are investing in developer ecosystems because compromising one trusted package can cascade into thousands of downstream systems.

The campaign also highlights how software trust is becoming increasingly fragile. Developers naturally trust package managers, repository histories, and maintainer identities, yet all three are now being actively manipulated.

The abuse of Git history rewriting is particularly significant. Many security teams review commit timelines when investigating incidents, but if attackers can falsify those timelines, traditional forensic assumptions become unreliable.

Equally concerning is the increasing use of blockchain infrastructure for malware delivery. Decentralized services reduce attackers’ dependence on conventional command-and-control servers, making takedowns substantially more difficult.

Another noteworthy trend is the convergence of multiple attack techniques. PolinRider is no longer a standalone campaign but incorporates behaviors previously attributed to Fake Font, TaskJacker, BeaverTail, DEVPOPPER, and OmniStealer. This convergence suggests a mature development lifecycle where threat actors continuously integrate successful techniques into newer operations.

Developers should also reconsider the implicit trust placed in IDE automation. Features designed for productivity, such as automatic task execution, can become powerful attack vectors when repository integrity is compromised.

From a defensive standpoint, organizations should adopt repository monitoring beyond simple commit reviews. Package metadata, release ownership changes, dependency audits, and registry activity should become standard components of software supply chain security.

Deep Analysis (Linux, Windows, and macOS Commands)

Modern defenders should supplement traditional repository reviews with technical validation.

Verify Git commit integrity:

git log --stat --decorate --all

Inspect commit signatures:

git log --show-signature

Search for suspicious JavaScript injections:

find . -type f -name "*.js" -exec grep -H "eval(" {} \;

Locate unexpected VS Code task files:

find . -path "*/.vscode/tasks.json"

Review recently modified project files:

find . -mtime -7

Check Git remote configuration:

git remote -v

Verify repository status:

git status

Review hidden Git references:

git show-ref

Audit npm dependencies (as pinned in the lockfile) for known-vulnerable versions:

npm audit

Verify Go module integrity:

go mod verify

Inspect dependency tree:

npm ls

Review Composer dependencies:

composer audit

Search for suspicious font payloads:

find . -name "*.woff2"

Review shell history:

history

Inspect running processes:

ps aux

Review active network connections:

netstat -tulpn

Search for recently created files:

find / -ctime -3 2>/dev/null

Hash suspicious files:

sha256sum suspicious.js

Verify package ownership before installation:

npm owner ls package-name

Audit installed extensions in VS Code:

code --list-extensions

These commands help identify indicators of compromise that may remain invisible during normal development workflows.

✅ Confirmed: Security researchers from Socket, OpenSourceMalware, JFrog, and eSentire have independently documented activity consistent with the PolinRider and Contagious Interview campaigns, strengthening confidence that the threat is real and actively evolving.

✅ Confirmed: The campaign abuses trusted software supply chains by distributing malicious packages through npm, Packagist, Go modules, GitHub repositories, and developer tooling, matching observed tactics from recent investigations.

❌ Not Fully Verified: While the campaign has been attributed to North Korean threat actors by multiple security companies based on technical indicators and operational patterns, public attribution remains an intelligence assessment rather than judicially proven fact.

Prediction

(+1) Software registries will continue strengthening maintainer verification, package signing, and repository integrity checks to reduce the effectiveness of future supply chain compromises.

(-1) Threat actors are likely to expand these techniques into additional developer ecosystems, cloud CI/CD pipelines, AI coding assistants, and emerging package registries, increasing the complexity of defending modern software development environments.

References:

Reported By: thehackernews.com