npm Supply Chain Attack: Four Malicious Packages Distributing Infostealers and DDoS Malware
Four typosquatted and cloned npm packages have been discovered delivering infostealer malware and DDoS bot capabilities to developers. The packages exploited common naming conventions and dependency confusion to achieve distribution across thousands of downloads.
Affected
Four malicious npm packages have been identified in the wild, combining typosquatting tactics with direct package cloning to compromise developer machines. The packages chalk-tempalte (825 downloads), @deadcode09284814/axios-util (284 downloads), axois-utils (963 downloads), and colour-style-utils (934 downloads) represent a coordinated campaign leveraging both common misspellings and scoped namespace registration to evade detection.
The technical approach is straightforward but effective: packages are named to closely resemble legitimate dependencies, relying on developer typos during manual installation or subtle mistakes in package.json specifications. One package is confirmed as a clone of the Shai-Hulud worm previously open-sourced by TeamPCP, indicating either direct reuse of existing malware or opportunistic adaptation of public exploit code. The payload delivers dual capabilities: information stealing (likely targeting authentication tokens, SSH keys, and environment variables) and Phantom Bot DDoS functionality, allowing infected machines to participate in distributed denial-of-service operations.
The download counts, whilst moderate individually, represent successful compromise of development environments. Each infected developer machine becomes a persistence point and potential pivot for further intrusions. The attackers have likely profiled common typos and naming variations in the ecosystem, selecting high-value targets like axios-utils (a popular HTTP client wrapper) and chalk-tempalte (a template variant of chalk, a widely-used terminal colouring library).
Defenders should implement strict package installation practices: use exact version pinning, verify package source and maintainer reputation before installation, and monitor package.json for unexpected or unfamiliar dependencies. Organisations should review npm audit logs and consider registry proxies that enforce allowlisting of known packages. For affected developers, immediate actions include revoking any exposed credentials, checking SSH keys and authentication tokens for misuse, and scanning for indicators of DDoS bot activity on compromised machines.
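The pinning and allowlist checks above can be automated in a pre-install step. The following Node.js script is an added example, not code from the article or from any project it names: it flags unpinned version specifiers, scopes outside a trusted list, and dependency names within two edits of an approved name. The approved list, trusted scopes and the sample package.json are constructed for illustration.

```javascript
// Added example (not from the article): audit a package.json for unpinned specs,
// untrusted scopes and near-miss names. KNOWN, TRUSTED_SCOPES and the sample are constructed.
const KNOWN = ['axios', 'axios-utils', 'chalk', 'chalk-template', 'color-style-utils', 'lodash'];
const TRUSTED_SCOPES = ['@types', '@babel'];

// Plain Levenshtein edit distance; a transposition such as "axois" counts as 2.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i]);
  for (let j = 1; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
    }
  }
  return d[a.length][b.length];
}

// An exact pin is a bare x.y.z version: no ^, ~, ranges, wildcards or dist-tags.
function isExactPin(spec) {
  return /^\d+\.\d+\.\d+$/.test(spec);
}

// Returns one finding object per problem found in the dependencies map.
function auditDependencies(pkg) {
  const findings = [];
  for (const [name, spec] of Object.entries(pkg.dependencies || {})) {
    if (!isExactPin(spec)) findings.push({ name, issue: 'unpinned', spec });
    const scoped = name.startsWith('@');
    if (scoped && !TRUSTED_SCOPES.includes(name.split('/')[0])) {
      findings.push({ name, issue: 'untrusted-scope' });
    }
    // Compare the bare name so a scoped clone like @x/axios-util is still checked.
    const bare = scoped ? name.split('/')[1] : name;
    if (KNOWN.includes(bare)) continue;
    const near = KNOWN.find((k) => { const dist = editDistance(bare, k); return dist > 0 && dist <= 2; });
    if (near) findings.push({ name, issue: 'near-miss', resembles: near });
  }
  return findings;
}

// Constructed sample package.json using the four package names from the article.
const SAMPLE_PACKAGE_JSON = JSON.stringify({ dependencies: {
  axios: '1.6.8', 'chalk-tempalte': '^1.0.0', '@deadcode09284814/axios-util': '1.0.0',
  'axois-utils': '*', 'colour-style-utils': '1.0.0' } });

console.log(auditDependencies(JSON.parse(SAMPLE_PACKAGE_JSON)));
```

Plain Levenshtein is deliberately conservative; a distance threshold of 2 catches the swapped-letter and dropped-letter variants in this campaign without flagging every short package name.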
This campaign underscores a persistent vulnerability in the npm ecosystem: the absence of strong identity verification for package names and the reliance on developer discipline to prevent typos. Whilst npm has improved typosquatting detection, the attack surface remains large enough to support regular compromise attempts targeting developers across multiple vertical sectors.
Sources