
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

By The Hacker News
July 3, 2026

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft.

According to JFrog, the packages “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core” mimic the legitimate “rollup-plugin-polyfill-node” project, down to the description, repository metadata, and package shape.

“The lookalike packages place themselves in the same rollup, polyfill, core, and node naming space, which can look plausible during a quick dependency review,” JFrog said in a technical write-up of the campaign.

The campaign also involves four other packages, all of which have since been removed from the npm registry –

  • quirky-token
  • react-icon-svgs
  • rollup-plugin-polyfill-connect
  • swift-parse-stream

What’s noteworthy here is that “rollup-packages-polyfill-core” installs and loads “swift-parse-stream,” while “rollup-runtime-polyfill-core” installs and loads “quirky-token.” In a similar fashion, “react-icon-svgs” has been found to install “rollup-plugin-polyfill-connect” as a second stage.

“The second-stage packages are near-identical SVG utilities that fetch a JSON object from JSONKeeper and eval the model field,” the cybersecurity company said. “This layered structure, together with the lookalike names, legitimate-looking metadata, hidden install-time execution, environment checks, and credential-theft/remote-access payloads, is similar to previous North Korean Lazarus-linked npm campaigns.”

It’s worth emphasizing here that this is not the first time North Korean threat actors have uploaded npm packages impersonating Rollup polyfill tools. In April 2026, Panther detailed a sustained npm campaign that involved publishing 108 malicious npm packages spanning 261 versions to deliver BeaverTail and OtterCookie, two known malware families linked to Contagious Interview. Among those packages was “rollup-plugin-polyfill-route,” which was published on March 20, 2026.

The starting point of the attack is a Base64-encoded npm install command for “swift-parse-stream” (or “quirky-token”) that’s concealed within “rollup-packages-polyfill-core” (or “rollup-runtime-polyfill-core”). The two second-stage packages are dressed up as SVG sanitization utilities, while reaching out to a JSON Keeper URL to retrieve and execute JavaScript malware.

The JavaScript code runs checks to avoid execution within cloud development environments, sandboxes, serverless runtimes, and analysis infrastructure. Past this gate, the malware installs the necessary dependencies and reaches out to an external server (“216.126.236[.]244”) to fetch an encrypted JavaScript payload.

The decrypted payload then acts as a loader for additional scripts responsible for enabling remote access to the compromised host to support interactive terminal sessions, command execution, screenshot capture, process termination, Windows-only mouse movement, clicks, scrolling, keyboard presses, and hotkeys using the “@nut-tree-fork/nut-js” package, as well as steal data from web browsers and cryptocurrency wallets, collect files matching specific extensions, and periodically capture clipboard content.

The features overlap with those of OtterCookie, with the use of “@nut-tree-fork/nut-js” for remote mouse and keyboard control also observed in a package named “express-session-js” that was detailed by SafeDep in April 2026. The file collector component has been found to specifically look for editor history associated with Microsoft Visual Studio Code, Windsurf, and Cursor, along with developer and AI tool configurations, such as AWS, Microsoft Azure, Google Gemini, Anthropic Claude, Foundry, SSH, and Z shell (Zsh).

“Rollup plugins are commonly loaded from local configuration files, developer workstations, and CI jobs,” JFrog said. “These environments often have access to sensitive assets such as source code, npm tokens, Git credentials, cloud keys, SSH keys, browser data, and project secrets.”

“The payload is also broader than a simple downloader. Once the later stages run, the attacker gains both collection and control capabilities. This makes the payload relevant to developer workstations and build machines, where API keys, SSH keys, wallet material, cloud credentials, and project secrets are often present.”

The disclosure coincides with the discovery of multiple software supply chain attacks by Checkmarx, SafeDep, and AWS security researcher Chi Tran aimed at poisoning open-source package repositories and stealing valuable data –

  • A cluster of at least eight trojanized “pyrogram” forks published by a threat actor operating under multiple identities between November 2025 and June 2026, including a hidden backdoor that grants them full remote control over any server running the infected PyPI package by running arbitrary Python code or shell commands sent by the attacker. The results of the command execution are exfiltrated via Telegram. The activity has been codenamed Operation Navy Ghost by Checkmarx.
  • A cluster of 30 npm packages mimicking Polymarket tooling and general mathematics libraries published by 10 npm maintainer accounts that targeted DeFi developers to deliver a JavaScript infostealer that reads crypto wallet vaults, browser credentials, SSH keys, AWS credentials, npm tokens, Docker configurations, shell history, and password manager databases.
  • A cluster of 25 npm packages published under the @marketfront scope by an npm account named “marketfront” that contains a postinstall credential harvester that reads 20 credential and secret files, including ~/.ssh, ~/.aws/credentials, ~/.kube/config, ~/.docker/config.json, ~/.npmrc, ~/.netrc, ~/.pgpass, ~/.git-credentials, ~/.env, and shell history, and exfiltrates the data.
  • A Python package named “security-alerts-sdk” that claims to be a data breach-monitoring tool but harbors code to launch a backdoor that periodically polls an external server (“142.93.211[.]30:5000”) for commands and exfiltrates SSH private keys, AWS credentials, Docker/npm/PyPI/git tokens, .env files, and browser credential databases to the same server.
  • A cluster of 15 npm packages published by a single threat actor operating under 13 npm scopes that triggers a postinstall JavaScript payload responsible for downloading and executing a Rust-compiled ELF binary hosted on GitHub, which then harvests a wide range of data from cryptocurrency wallets, web browsers, and other applications, including cloud provider tokens, SSH keys, messaging platform sessions, database client configurations, and developer credentials.
  • An npm package named “events-runtime” that typosquats the “events” package and conditionally spawns a cryptocurrency wallet stealer, exfiltrates host reconnaissance data over Slack and Telegram, opens a bidirectional Slack command channel, and reads configuration and payload chunks from an Ethereum smart contract used as a dead drop resolver. The malicious logic is fired only when the event ID is “eventId0.”
  • An npm package named “o3forms” that steals cloud service provider credentials, scans developer secrets and CI/CD environments, performs internal network reconnaissance, and exfiltrates the data to an attacker-controlled Cloudflare Workers endpoint. “The attacker split the attack into a deliberately benign, registry-published package and a GitHub-pinned *-utils sub-dependency that carries both the install hooks and the actual malware,” Tran said. “This structure is designed specifically to defeat the static and lifecycle-script scanning that most registry-side and CI-side tooling relies on.”

Users who have installed any of the aforementioned packages are advised to remove them from their workstations, assume compromise and rotate credentials, block the malicious egress channels, and enable dependency scanning in CI/CD pipelines to flag newly published or suspicious packages.
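The traits described above (lookalike names, hidden install-time execution, and a Base64-encoded second-stage npm install) are exactly what a dependency check in CI can flag. The following is an added example, not code from the article or from JFrog: it audits package.json manifests for those traits. The KNOWN_MALICIOUS and TRUSTED names are the ones quoted in the article; SAMPLE_MANIFEST and its postinstall hook are constructed for illustration.

```javascript
// Audit package.json manifests for supply-chain red flags described in the
// write-up. Names below are from the article; the sample manifest is constructed.
const KNOWN_MALICIOUS = new Set([
  "rollup-packages-polyfill-core", "rollup-runtime-polyfill-core",
  "quirky-token", "react-icon-svgs", "rollup-plugin-polyfill-connect",
  "swift-parse-stream",
]);
const TRUSTED = ["rollup-plugin-polyfill-node"]; // the legitimate project being mimicked
const LIFECYCLE = ["preinstall", "install", "postinstall"]; // hooks that run on install

// "rollup-plugin-polyfill-node" -> ["rollup", "plugin", "polyfill", "node"]
const tokens = (name) => name.replace(/^@[^/]+\//, "").split(/[-_.]/).filter(Boolean);

// A name is a lookalike if it shares at least `min` tokens with a trusted name
// without being that name (heuristic; tune `min` for your dependency set).
function isLookalike(name, min = 2) {
  return TRUSTED.some((t) => {
    if (t === name) return false;
    const shared = new Set(tokens(name).filter((x) => tokens(t).includes(x)));
    return shared.size >= min;
  });
}

// Decode long Base64-looking literals in a hook and keep printable results, so an
// encoded "npm install <second-stage>" can be matched as plain text.
function decodedLiterals(cmd) {
  return [...cmd.matchAll(/[A-Za-z0-9+/]{16,}={0,2}/g)]
    .map((m) => Buffer.from(m[0], "base64").toString("utf8"))
    .filter((text) => /^[\x20-\x7e\s]+$/.test(text));
}

// Returns the findings for one manifest; an empty list means nothing was flagged.
function auditManifest(pkg) {
  const findings = [];
  if (KNOWN_MALICIOUS.has(pkg.name)) findings.push("known-malicious-name");
  if (isLookalike(pkg.name)) findings.push("lookalike-name");
  for (const hook of LIFECYCLE) {
    const cmd = pkg.scripts && pkg.scripts[hook];
    if (!cmd) continue;
    findings.push(`lifecycle-script:${hook}`);
    const stages = [cmd, ...decodedLiterals(cmd)]; // check raw and decoded text
    if (stages.some((s) => /\bnpm\s+(i|install)\b/.test(s))) findings.push(`staged-install:${hook}`);
  }
  return findings;
}

// Constructed manifest modelled on the first stage: the hook receives a Base64
// argument that decodes to "npm install swift-parse-stream".
const encoded = Buffer.from("npm install swift-parse-stream").toString("base64");
const SAMPLE_MANIFEST = { name: "rollup-packages-polyfill-core", scripts: { postinstall: `node setup.js ${encoded}` } };
console.log(auditManifest(SAMPLE_MANIFEST));
```

Run it over every package.json under node_modules (or the manifests referenced by your lockfile) and fail the pipeline on any finding; allow-list lifecycle scripts only for packages you have reviewed.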
