Connect with us

Hi, what are you looking for?


Application Security

1,300 Malicious Packages Found in Popular npm JavaScript Package Manager

Malicious actors are using the npm registry as the start point for open source software (OSS) supply chain attacks.

Open source software offers huge potential for criminals and nation states to deliver widespread supply chain attacks. OSS registries provide a major feeding ground with easy access.

Malicious actors are using the npm registry as the start point for open source software (OSS) supply chain attacks.

Open source software offers huge potential for criminals and nation states to deliver widespread supply chain attacks. OSS registries provide a major feeding ground with easy access.

Npm, Inc., a subsidiary of Microsoft-owned GitHub, is the largest OSS registry providing JavaScript packages. It contains more than 1.8 million active packages – but has, says open-source security management firm WhiteSource, become a playground for ‘malicious actors’. Over the last six months, the WhiteSource Diffend malware detection platform has reported more than 1,300 malicious packages to npm for stealing credentials, stealing crypto and running botnets.

Diffend was acquired by WhiteSource in April 2021. Its creator, Maciej Mensfeld joined WhiteSource as senior product manager.

In its NPM Threat Report (PDF), WhiteSource explains that through 2021 it tracked more than 32,000 packages uploaded to npm each month. There is even higher activity in new package versions, with an average of more than 17,000 published daily throughout 2021.

“Unfortunately,” comments Rami Sass, co-founder and CEO of WhiteSource, “that popularity is being used by threat actors to spread malware and launch attacks that harm businesses and individuals.”

The size of the problem for industry and the opportunities for malicious actors are immense. It is expected that there will be more than 2 billion websites by the end of 2022, and almost 98% will be using JavaScript. Many of the developers will turn to npm to provide readymade JavaScript solutions. The problem is that downloaded npm packages don’t need to be run or used – if a malicious npm is downloaded, it is automatically given permission to do whatever it wants.

Advertisement. Scroll to continue reading.

These permissions apply both to packages with unintended vulnerabilities, and to packages with malicious code inserted by attackers.

WhiteSource Diffend is currently detecting around 10 malicious packages every day. Most of these are engaged in reconnaissance, actively or passively gathering information that can support future targeting. Fourteen percent, however, are designed to steal sensitive data such as credentials.

“As far as I know,” Mensfeld told SecurityWeek, “at least until the end of 2021, there were no automatic tools on npm that would prevent anyone from uploading anything to the registry. So, if you wanted to upload a package that would remove, on download, all the data on the user’s computer, you could easily do that. There are no pre-checks on the package.”

WhiteSource reports its findings to npm, which removes the malicious packages from the registry. However, if a new malicious package is detected and reported on a Friday, it is not likely to be removed before the following Monday – and during this period it could potentially be downloaded thousands or even millions of times by automated registry managers. Noticeably, WhiteSource reports Friday as a popular day for new malicious packages to be uploaded to the registry.

A classic example of an OSS supply chain attack was revealed in late October 2021. Attackers inserted malicious code into three versions of ua-parser-js after seemingly taking over the developer’s npm account. “Ua-parser-js is used to parse user agent strings in order to identify a user’s browser, operating system (OS), device, and other attributes,” explains WhiteSource. “Three new versions of this package were released in an attempt to get users to download them.”

The package author responded quickly with new clean versions, but the malicious code remained within the registry for a further three hours. Ua-parser-js was being downloaded approximately 8 million times each week at the time. 

“Any computer that has this package installed or running should be considered fully compromised,” warned GitHub. “A computer or device with the affected software installed or running could allow a remote attacker to obtain sensitive information or take control of the system,” advised CISA.

WhiteSource warns that malicious actors are actively researching the most effective ways to use npm for attacks. Since a malicious package is unlikely to remain in the registry undetected for more than a week, inactive code may be uploaded to a new or abandoned package to see whether it will be detected and how long it takes – similar in concept to malware authors testing their new malware versions on VirusTotal.

WhiteSource warns that developers who use npm (or any other OSS registry) should not blindly trust the system, should update only when confident in the content, should track changes, should run continuous integration (CI) in isolated stages, should create a security flow that matches the organization profile, and should take care of the entire SDLC.

WhiteSource, headquartered in Boston, U.S.A, was founded in 2011 by Azi Cohen (GM), Rami Sass (CEO), and Ron Rymon (executive chairman). It raised $75 million in a Series D funding round in April 2021.

RelatedCyber Insights 2022: Supply Chain

Related: ‘Critical Severity’ Warning: Malware Found in Widely Deployed npm Packages

Related: GitHub Confirms Another Major NPM Security Defect

Related: Vulnerability in ‘netmask’ npm Package Affects 280,000 Projects

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Thirty-five cybersecurity-related M&A deals were announced in February 2023


Forty cybersecurity-related M&A deals were announced in January 2023.