
Malware in the Node.js ecosystem is hiding in plain sight. Security researchers uncover npm packages with thousands of installs, delivering remote access trojans, infostealers, or backdoors. The largest one has over 45,000 weekly downloads.
The Aikido security platform detected a massive supply chain attack and flagged a popular npm package named “rand-user-agent.” It was found to contain an extremely sophisticated remote access trojan (RAT), likely inserted by a state-sponsored threat actor from Russia.
This package, despite being no longer supported by the original developer, still has about 45,000 weekly downloads.
The package “rand-user-agent” generates randomized real user-agent strings based on their frequency of occurrence. This helps to avoid being detected as a bot when making multiple requests. This feature is very useful for web scraping applications.
npm is a repository for open-source JavaScript (JS) packages. Developers use it to install and manage code in their projects. Think of it as an app store for JS code libraries.
Hackers have been increasingly targeting npm recently as an easy way to compromise thousands of developers and users of their projects. Developers may unknowingly include compromised npm packages, or AI assistants might suggest them to “vibecoders.” Thirty other npm packages use “rand-user-agent” as a dependency.
The “rand-user-agent” package was developed by WebScrapingAPI, a company that specializes in web scraping. The last update for the GitHub project was seven months ago, and the npm package has been deprecated.
However, the Aikido researchers found three unexpected releases over the past two weeks that introduced the malicious code. The researchers suspect the original developer’s access token to npm has been compromised.
The hackers used whitespace characters to hide the malware within the code. The injected strings were also wrapped in multiple further layers of obfuscation, making detection difficult.
The RAT is capable of executing any shell command received from the command and control (C2) server. The script silently hijacks and replaces legitimate Python toolkits with malicious binaries.
“The sophistication of this is extraordinarily high, and all signs point to a state-sponsored APT (advanced persistent threat). We know that the C2 (command and control) server is actually being hosted by a Russian organization,” Aikido Security said in a video.
The malicious “rand-user-agent” versions have been removed from npm at the time of writing.
Onslaught of npm packages
In recent weeks, several high-profile npm packages have been compromised through similar supply chain attacks.
In April 2025, Aikido detected that multiple versions of xrpl.js, Ripple’s official JavaScript SDK for the XRP Ledger, were backdoored. Hackers injected malicious code designed to exfiltrate private keys. This npm package has around 200,000 weekly downloads.
“This package is used by hundreds of thousands of applications and websites, making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,” the firm said.
In May, cybersecurity researchers from Socket discovered that multiple npm packages, posing as developer tools, hijack the Cursor Editor on macOS. The malicious packages had already been downloaded over 3,000 times.
npm is not unique, and other code repositories are frequent targets, too. Cybernews reported on campaigns targeting users on GitHub, such as malware distribution via various game mods, cracks, or cheats. Nasty surprises have also been detected on the PyPI (Python Package Index) package repository.