Thousands of Node Developers Compromised by Malware in Popular npm Packages

A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors.

Malware Hidden in npm Package Infects Thousands of Projects

Security researchers have uncovered a major supply chain attack affecting the Node.js ecosystem, where thousands of developers have unknowingly installed malware via npm packages. A highly popular package, “rand-user-agent,” with over 45,000 weekly downloads, was found to contain a sophisticated Remote Access Trojan (RAT), likely deployed by a state-sponsored threat actor.

State-Sponsored APT Suspected in ‘rand-user-agent’ Compromise

Detected by the Aikido security platform, the attack was traced to recent malicious updates in the deprecated “rand-user-agent” npm package. Originally developed by WebScrapingAPI, the package was designed to generate randomized user-agent strings to aid in web scraping. Despite its abandonment, it remained widely used, with over 30 other npm packages listing it as a dependency.

Researchers believe that the original developer’s npm access token was compromised, allowing attackers to introduce three malicious updates over the past two weeks. These releases included a RAT hidden through extensive obfuscation and whitespace manipulation—techniques aimed at avoiding detection during static code analysis.

Once deployed, the RAT enables the execution of arbitrary shell commands from a remote command-and-control (C2) server. It can also hijack and replace legitimate Python toolkits with malicious binaries. According to Aikido, the infrastructure hosting the C2 server appears to be linked to a Russian organization, suggesting involvement by an advanced persistent threat (APT).

Package Removed, But Broader Supply Chain Risks Persist

The malicious versions of “rand-user-agent” have since been removed from the npm registry. However, the incident underscores a growing concern: the JavaScript package ecosystem is increasingly being exploited for large-scale supply chain compromises.

The npm registry, a critical platform for managing open-source JavaScript code libraries, has become a favored target. Attackers exploit the widespread practice of reusing packages by injecting malware into lesser-maintained dependencies that are still actively used across thousands of applications.

Ripple SDK and Developer Tools Also Compromised

This is not an isolated incident. In April 2025, Aikido also identified a backdoor in several versions of “xrpl.js,” Ripple’s official JavaScript SDK for the XRP Ledger. The malicious code was capable of exfiltrating private keys, posing a severe risk to the cryptocurrency ecosystem. With approximately 200,000 weekly downloads, the impact could have been catastrophic.

In May, researchers at Socket found additional malicious packages on npm disguised as developer tools, which hijacked the Cursor Editor on macOS systems. These packages had already been downloaded over 3,000 times.

npm Not Alone—Other Code Repositories Also Under Attack

Supply chain attacks are not confined to the npm ecosystem. Researchers have observed similar malware campaigns across GitHub and the Python Package Index (PyPI). Threat actors are embedding malicious code in game mods, cracks, and even legitimate-looking developer tools to compromise unsuspecting users.

The latest incidents highlight the ongoing risk posed by insecure software supply chains, particularly in open-source environments where code reuse is widespread and dependency chains are complex.
