Malicious NPM Packages Downloaded 86,000+ Times

Summary
– Since August, attackers have abused a legitimate, little-scrutinised NPM feature (not a bug) to publish over 100 credential-stealing packages, many of which evaded detection for extended periods.
– The campaign, tracked as PhantomRaven, uses what Koi calls Remote Dynamic Dependencies: dependency specifiers that are URLs, so NPM fetches unvetted code from untrusted domains instead of from its own registry.
– Such dependencies are invisible to static analysis tools and to developers reading the package page, which reports “0 Dependencies” even though malicious code is installed automatically.
– Remote Dynamic Dependencies may point at plaintext HTTP servers, bypassing NPM’s own trusted, TLS-protected infrastructure.
– The malicious dependencies are fetched from the attacker’s server on every install; they are not pinned to a version, so the payload can change between installs.
Security researchers at Koi have uncovered a campaign in which attackers have, since August, uploaded over 100 credential-stealing packages to the NPM registry. The packages were downloaded more than 86,000 times, and many evaded detection for extended periods. The campaign, which Koi named PhantomRaven, does not exploit a bug in NPM; it abuses a legitimate feature the researchers call Remote Dynamic Dependencies, whereby a package declares a dependency that NPM retrieves from an arbitrary external URL, so additional, unvetted code is downloaded and executed at install time.
Koi’s report states that PhantomRaven uploaded 126 harmful packages to the NPM registry; as of Wednesday morning, approximately 80 of them were still available for download. The campaign underscores a growing sophistication among threat actors, who are increasingly adept at finding and leveraging gaps in conventional security tooling. According to Oren Yomtov of Koi, Remote Dynamic Dependencies create a critical blind spot because they are invisible to the static analysis tools that developers and security teams rely on.
Remote Dynamic Dependencies differ from traditional dependencies, which are declared as version ranges, downloaded from NPM’s own trusted infrastructure and visible during installation. An RDD is instead a dependency entry in package.json whose specifier is a URL rather than a version range; NPM fetches the tarball directly from that external, often untrusted, site, including over unencrypted HTTP. The PhantomRaven packages declared dependencies pointing at attacker-controlled URLs such as http://packages.storeartifact.com/npm/unused-imports. Because such a dependency is resolved from a URL rather than from the registry, it is not counted among the package’s registry dependencies, so the package page and dependency scanners report “0 Dependencies” while the code is installed anyway.
Making the situation more dangerous, a URL specifier carries no version, so the malicious dependency is fetched anew from the attacker’s server on every fresh install instead of being pinned to a versioned, stored artifact. Each installation is therefore a fresh opportunity for the attacker to deliver an updated payload, and security controls that rely on static checks of the published package, or on previously seen content, never inspect the code that actually runs.
(Source: Ars Technica)