Phishing Attack Compromises 18 Popular NPM Packages
At least eighteen widely used JavaScript packages on NPM—with a combined weekly download volume exceeding two billion—were briefly compromised with malicious code after a phishing attack on one of the maintainers. Although the incident was quickly contained and the damage was confined to cryptocurrency operations, the team at Aikido, which discovered the tampering, warns that a similar scenario with a more aggressive payload could trigger a devastating and hard-to-detect outbreak of malicious code across the entire ecosystem.
The attack began with an email disguised as an official NPM notification, urging the maintainer to update two-factor authentication (2FA). Tricked into entering a one-time token on a fake login page, the developer unknowingly handed over credentials. Armed with these, the attackers accessed the maintainer’s NPM account, injected malicious code into at least eighteen popular libraries, and changed the account’s associated email address, temporarily locking out its rightful owner. According to Aikido, the injected code subtly intercepted browser-based cryptocurrency wallet activity, tampered with transaction interfaces, and rerouted transfers and approvals to attacker-controlled addresses—all without obvious signs of manipulation.
Aikido continuously monitors updates in major repositories, automatically scanning commits for suspicious behavior. Once the compromise was confirmed, the maintainer began purging affected packages. The phishing campaign itself relied on the domain npmjs.help, registered just two days before the attack and hosted via the dynamic DNS service dnsexit.com, which allows instant redirection to arbitrary IP addresses.
Security researchers at Seralys noted that the attackers, despite gaining access to such influential packages, limited their efforts to cryptocurrency theft—even though the compromised software supply chain could have enabled far greater disruption. Kevin Beaumont reminded the industry of a systemic vulnerability: much of the world’s software relies on countless interdependent modules, often maintained by a small, overworked group of volunteers. The growing culture of “vibe coding” has only deepened this reliance, multiplying dependencies and expanding the attack surface. In reality, deceiving just one maintainer can have global repercussions.
Experts emphasize that popular packages must be published only through verifiable build processes—for example, predictable CI pipelines triggered by merges into main branches—while blocking ad-hoc external publishing. They also recalled the recent late-August incident, when the developer of the “nx” toolkit (with roughly six million weekly downloads) was compromised. That attack inserted a token and key harvester for GitHub, NPM, SSH, and API credentials, exfiltrating data not to a remote server but to an automatically created public repository in the victim’s own account.
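One concrete shape for "publish only from a predictable CI pipeline" is a guard that runs before every publish and refuses unless the process is a CI job triggered by a push to main and carries a provenance attestation. The script below is an added example, not code from the article, from npm, or from any of the projects named; it assumes GitHub Actions (whose GITHUB_ACTIONS, GITHUB_EVENT_NAME and GITHUB_REF variables are real) and assumes that npm exposes the `--provenance` flag to lifecycle scripts as the `npm_config_provenance` environment variable. The file path `scripts/publish-guard.js` is a hypothetical layout.

```javascript
// Added example: prepublishOnly guard for a package released from CI.
//
// Assumed wiring in package.json:
//   "scripts": { "prepublishOnly": "node scripts/publish-guard.js" }
// and the release job runs `npm publish --provenance` on pushes to main.

// Every condition the release pipeline must satisfy, with the expected value.
const REQUIRED = {
  GITHUB_ACTIONS: 'true',          // running inside GitHub Actions, not a laptop
  GITHUB_EVENT_NAME: 'push',       // a merged PR lands as a push event
  GITHUB_REF: 'refs/heads/main',   // only the main branch may release
  npm_config_provenance: 'true',   // assumption: npm maps --provenance to this var
};

// Compare an environment object against REQUIRED and list every mismatch.
// Returns an empty array when the publish is allowed.
function publishViolations(env) {
  const problems = [];
  for (const [key, expected] of Object.entries(REQUIRED)) {
    const actual = env[key];
    if (actual !== expected) {
      problems.push(`${key}=${actual === undefined ? '<unset>' : actual} (expected ${expected})`);
    }
  }
  return problems;
}

// Entry point used by npm: print the reasons and fail the lifecycle script
// so `npm publish` aborts before anything reaches the registry.
function runGuard(env) {
  const problems = publishViolations(env);
  if (problems.length > 0) {
    console.error('publish guard: refusing to publish outside the release pipeline');
    for (const p of problems) console.error('  - ' + p);
    return 1;
  }
  console.log('publish guard: release pipeline checks passed');
  return 0;
}

// npm sets npm_lifecycle_event to the running script name, so the guard only
// fires when invoked as prepublishOnly and stays inert when loaded elsewhere.
if (process.env.npm_lifecycle_event === 'prepublishOnly') {
  process.exit(runGuard(process.env));
}
```

A script inside the package is a guardrail against honest mistakes, not a security boundary: someone holding stolen maintainer credentials can publish a tarball that simply omits it. The control that stolen credentials cannot bypass lives on the registry side, in restricting which identities and pipelines may publish a package and requiring provenance, which is why the experts quoted above frame the fix as blocking ad-hoc external publishing rather than trusting the publisher's machine.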
Nicholas Weaver of the International Computer Science Institute argues that contributors should be required to adopt phishing-resistant forms of two-factor authentication, particularly physical security keys. Given modern software’s deep dependence on registries like NPM, he contends that the absence of mandatory keys is no longer a matter of personal choice but a risk to global infrastructure.
For many maintainers, such attacks prove overwhelming, often leading them to abandon projects altogether under the weight of pressure and responsibility. This latest episode starkly illustrates the fragility of the open-source supply chain—and how a single successful phishing campaign can escalate into an industry-wide crisis unless build provenance is strictly enforced and phishing-resistant authentication becomes the norm.