PhantomRaven Malware Exploits npm Packages to Steal Developer Secrets


These articles are AI-generated summaries. Please check the original sources for full details.

Attack Overview

PhantomRaven is a sophisticated supply chain attack targeting the npm registry, discovered by Koi Security in August 2025. The campaign involves 126 malicious npm packages that have been downloaded over 86,000 times, compromising developer environments by stealing GitHub tokens, CI/CD secrets, and system data.

Key Packages and Downloads

  • op-cli-installer: 486 downloads
  • unused-imports: 1,350 downloads
  • badgekit-api-client: 483 downloads
  • polyfill-corejs3: 475 downloads
  • eslint-comments: 936 downloads

These packages were flagged by DCODX, a DevSecOps company, for their suspicious behavior.

Attack Mechanism

The malware leverages remote dynamic dependencies (RDDs) to execute malicious payloads:

  • Malicious URLs: Packages point to a custom server (packages.storeartifact[.]com) instead of the official npm registry (npmjs[.]com). Security tools typically ignore these URLs, making the attack stealthy.
  • Pre-install Hook: When a developer installs a “benign” package, a pre-install script triggers the execution of the payload.
  • Data Exfiltration: The malware scans the environment for:
    • Email addresses
    • CI/CD environment details
    • System fingerprints (public IP, OS info)
    • GitHub tokens and secrets

Impact and Tactics

  • Stealth: The use of RDDs bypasses static analysis tools, and the initial code appears harmless until the attacker updates the dependency.
  • Slopsquatting: Attackers exploit AI-generated (LLM-hallucinated) package names that mimic legitimate tools, increasing the likelihood of developer trust.
  • Automation: Lifecycle scripts (preinstall, postinstall) execute automatically, requiring no user interaction.

Mitigation Strategies

  • Dependency Auditing: Use tools like npm audit to check for untrusted dependencies.
  • Block RDDs: Configure security policies to reject packages referencing external URLs.
  • Monitor Package Names: Verify package names for AI-generated or suspicious patterns (e.g., non-standard naming).
  • CI/CD Security: Restrict access to secrets and enforce least-privilege principles in development environments.

Recommendations

  • Use Trusted Registries: Only install packages from verified sources (e.g., official npm registry).
  • Enable Security Scans: Integrate tools like Snyk or Dependabot to detect malicious dependencies.
  • Audit Install Scripts: Review preinstall/postinstall scripts in package metadata for suspicious commands.
  • Monitor for Anomalies: Track unusual network activity or data exfiltration from developer machines.
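
The "Block RDDs" and "Audit Install Scripts" items above can be checked against the lockfile, which records where every package, including transitive ones, was actually fetched from. The following is an added example, not code from the original report or from any named vendor; it assumes a parsed package-lock.json with lockfileVersion 2 or 3, treats registry.npmjs.org as the only allowed host, and runs on a constructed sample with made-up package names and hosts.

```javascript
// Added example: audit a parsed package-lock.json (lockfileVersion 2 or 3) for
// packages fetched from outside the expected registry and for packages that
// declare install-time lifecycle scripts.

// Assumption: only the default public registry is trusted.
const ALLOWED_HOSTS = new Set(['registry.npmjs.org']);

// Return the host a "resolved" value points at, or null for local paths.
function resolvedHost(resolved) {
  try {
    return new URL(resolved).hostname || null;
  } catch {
    return null; // relative path (workspace or local dependency), not a URL
  }
}

function auditLockfile(lock, allowedHosts = ALLOWED_HOSTS) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === '' || entry.link) continue; // root project and symlinked workspaces
    const name = path.split('node_modules/').pop();
    if (typeof entry.resolved === 'string') {
      const host = resolvedHost(entry.resolved);
      const scheme = entry.resolved.split(':')[0];
      if (host && !allowedHosts.has(host)) {
        findings.push({ name, issue: 'remote-source', detail: `${scheme}://${host}` });
      }
    }
    if (entry.hasInstallScript) { // npm sets this for preinstall/install/postinstall
      findings.push({ name, issue: 'install-script', detail: 'runs code at install time' });
    }
  }
  return findings;
}

// Constructed sample lockfile; package names and hosts are made up.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/left-helper': {
      resolved: 'https://registry.npmjs.org/left-helper/-/left-helper-2.1.0.tgz' },
    'node_modules/ui-kit-utils': {
      resolved: 'http://packages.example.test/npm/ui-kit-utils', hasInstallScript: true },
    'node_modules/@acme/local-lib': { resolved: 'packages/local-lib', link: true },
  },
};

console.log(auditLockfile(SAMPLE_LOCK));
```

For a real project, pass the result of `JSON.parse` on the project's package-lock.json to `auditLockfile` and fail the CI job when the returned array is non-empty.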

Reference

For further details, visit the full report: PhantomRaven Malware Attack
