Someone hid a full RAT inside a fake npm package and exfiltrated victim data to HuggingFace
Posted by BattleRemote3157@reddit | programming
A malicious npm package named js-logger-pack went through 29 versions on the registry, starting out looking like an innocuous logger and ending as a binary dropper.
The payload it dropped was an 81 MB binary called MicrosoftSystem64, which is a full cross-platform RAT packaged as a Node.js Single Executable Application, so it shows up as a native binary to endpoint tools rather than a node process.
And the clever bit was that instead of sending the stolen data directly to a C2 server, it uploads everything to private HuggingFace datasets using an embedded API token. So all exfiltration traffic appears as normal HTTPS requests to a legitimate ML platform.
If you have any of those in your install history, then rotate everything: credentials, SSH keys, API tokens, crypto seed phrases. The list of all packages and the full technical breakdown are in the blog.
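One way to check an install history for the package named in the post, as an added example that is not part of the original post or the linked blog: it walks a parsed `package-lock.json` in both the nested (lockfileVersion 1) and flat (lockfileVersion 2/3) layouts, so transitive copies are found too. The watchlist holds only the one name given above; the sample lockfiles, `demo-app`, `some-app-dep` and the version strings are constructed placeholders.

```javascript
const WATCHLIST = new Set(["js-logger-pack"]); // the only package name the post gives

// lockfileVersion 2/3: flat "packages" map keyed by install path.
function scanPackagesMap(packages, hits) {
  const marker = "node_modules/";
  for (const [path, meta] of Object.entries(packages)) {
    const idx = path.lastIndexOf(marker);
    if (idx === -1) continue; // root project or workspace folder, not an installed dep
    const name = path.slice(idx + marker.length); // keeps "@scope/name" intact
    if (WATCHLIST.has(name)) {
      // hasInstallScript is the flag npm writes when a package declares install scripts.
      hits.push({ name, version: meta.version, path, hasInstallScript: meta.hasInstallScript === true });
    }
  }
}

// lockfileVersion 1: nested "dependencies" objects, walked recursively.
function scanDependencyTree(deps, trail, hits) {
  for (const [name, meta] of Object.entries(deps || {})) {
    const here = [...trail, name];
    if (WATCHLIST.has(name)) {
      // v1 lockfiles do not record install scripts, so report "unknown" as null.
      hits.push({ name, version: meta.version, path: here.join(" > "), hasInstallScript: null });
    }
    scanDependencyTree(meta.dependencies, here, hits);
  }
}

function findWatchlisted(lock) {
  const hits = [];
  if (lock.packages) scanPackagesMap(lock.packages, hits);
  else scanDependencyTree(lock.dependencies, [], hits);
  return hits;
}

// Constructed sample lockfiles; versions are placeholders, not real release numbers.
const SAMPLE_V3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/some-app-dep": { version: "2.1.0" },
    "node_modules/some-app-dep/node_modules/js-logger-pack": { version: "0.0.0-placeholder", hasInstallScript: true },
  },
};
const SAMPLE_V1 = {
  lockfileVersion: 1,
  dependencies: {
    "some-app-dep": { version: "2.1.0", dependencies: { "js-logger-pack": { version: "0.0.0-placeholder" } } },
  },
};
console.log(findWatchlisted(SAMPLE_V3), findWatchlisted(SAMPLE_V1));
```

To use it on a real project, pass `findWatchlisted` the result of `JSON.parse` on the project's own `package-lock.json`, and add the remaining names from the blog's list to `WATCHLIST`.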
amroamroamro@reddit
TIL nodejs can build a self-contained executable from a script
https://nodejs.org/api/single-executable-applications.html
Savings_Discount_230@reddit
29 versions is the real red flag here. legitimate logger packages don't iterate that fast. npm makes it trivial to push rapid updates that gradually morph from benign to malicious
one thing i started doing: before adding any new dep, check version history velocity and whether the maintainer has other established repos. npm audit won't catch supply chain attacks like this — it only checks known CVEs
the 29 versions in quick succession should have triggered alarms way before version 28 dropped the binary
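The version-velocity check described in the comment above, as an added example that is not the commenter's code: it reads the `time` map that npm registry metadata keeps per package (release version to publish timestamp) and reports the release count, the median gap between releases and the densest 7-day burst. The thresholds, the package names and the metadata are constructed assumptions, and the result is a triage signal for manual review rather than a verdict.

```javascript
const DAY_MS = 24 * 60 * 60 * 1000;

// Summarise release cadence from the "time" map of npm registry metadata.
function releaseVelocity(packument, windowDays = 7) {
  const releases = Object.entries(packument.time || {})
    .filter(([key]) => key !== "created" && key !== "modified") // bookkeeping keys, not versions
    .map(([version, iso]) => ({ version, t: Date.parse(iso) }))
    .filter((r) => !Number.isNaN(r.t))
    .sort((a, b) => a.t - b.t);
  if (releases.length < 2) {
    return { versions: releases.length, spanDays: 0, medianGapDays: null, maxInWindow: releases.length };
  }
  const gaps = [];
  for (let i = 1; i < releases.length; i++) gaps.push((releases[i].t - releases[i - 1].t) / DAY_MS);
  gaps.sort((a, b) => a - b);
  const mid = Math.floor(gaps.length / 2);
  const medianGapDays = gaps.length % 2 ? gaps[mid] : (gaps[mid - 1] + gaps[mid]) / 2;
  // Sliding window: the most releases published within any windowDays-long stretch.
  let maxInWindow = 1;
  for (let hi = 0, lo = 0; hi < releases.length; hi++) {
    while (releases[hi].t - releases[lo].t > windowDays * DAY_MS) lo++;
    maxInWindow = Math.max(maxInWindow, hi - lo + 1);
  }
  const spanDays = (releases[releases.length - 1].t - releases[0].t) / DAY_MS;
  return { versions: releases.length, spanDays, medianGapDays, maxInWindow };
}

// Thresholds are assumptions for illustration; tune them against packages you already trust.
function needsManualReview(v, { minVersions = 10, maxMedianGapDays = 2 } = {}) {
  return v.versions >= minVersions && v.medianGapDays !== null && v.medianGapDays <= maxMedianGapDays;
}

// Constructed metadata: `count` releases spaced `gapHours` apart (no real package data).
function constructedPackument(name, count, gapHours) {
  const start = Date.UTC(2025, 0, 1);
  const time = { created: new Date(start).toISOString() };
  for (let i = 0; i < count; i++) {
    time[`0.1.${i}`] = new Date(start + i * gapHours * 3600 * 1000).toISOString();
  }
  time.modified = time[`0.1.${count - 1}`];
  return { name, time };
}

const FAST = releaseVelocity(constructedPackument("constructed-fast-logger", 29, 12));
const SLOW = releaseVelocity(constructedPackument("constructed-slow-logger", 29, 720));
console.log(FAST, needsManualReview(FAST), SLOW, needsManualReview(SLOW));
```

For a real package, the same map is what `npm view <name> time --json` prints.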
carrottread@reddit
That was before the AI coding agents era. Now everything iterates fast, with each version bringing a huge amount of code changes.
wildjokers@reddit
When is everyone going to agree that the javascript ecosystem is complete garbage?
tomz17@reddit
TBF, it's being targeted because it's one of the easiest ways to get a PROLIFIC supply chain attack bootstrapped. It's 100% ROI. Same reason malware writers target windows instead of more esoteric OS's with smaller userbases. There is nothing fundamentally "safer" about any other languages / container / distro package repository. Basically anything where users can contribute items AND simultaneously specify transitive dependencies is going to suffer from the exact same problems if it bubbles to the top of the ROI calculation for attackers.
cheezballs@reddit
Sure, but who would pull in this fake npm package. Am I misunderstanding? Who goes to npm, sees a random package and says "I gotta get this in my repo quick!"
How do these non-libraries keep getting pulled in? I get that it's all transitive dependencies and shit, but someone somewhere has to make the first "this depends on this" decision that starts the whole thing.
ApokatastasisPanton@reddit
AI bots send mass slop generated PRs to update dependencies and some unfortunate maintainers might accept them. If it's a library it might make its way up the supply chain
zack6849@reddit
people compromise maintainer accounts and add it as a dependency, seems innocent enough to people looking at an added dependency, something about logging, sure, how many are going to go pull the source for that package and review it to see if it contains malware, especially if it's a change from a trusted maintainer?
deadbeef1a4@reddit
Another day, another npm supply chain attack
GuyWithPants@reddit
Must be one of those days ending in -y
campbellm@reddit
I'm surprised we're limiting them to 1 a day.
KamiKagutsuchi@reddit
it must be another hour divisible by 1
mareek@reddit
Another npm supply chain attack that makes the news
Just last week, I reported an account to npm and GitHub that had published 7 malicious npm packages. All these packages were scanning environment variables for credentials and were sending them to a remote server.
This account claimed on GitHub that his packages were forks that fixed longstanding issues on popular and/or abandoned libraries. I got a notification because I commented on one of these issues a few years ago and was immediately suspicious.
I guess there are tons of malicious npm packages like this but we only hear about them when they hit a big target or when they're technically impressive
Hooxen@reddit
what is a rat? 🐀
backelie@reddit
I just hide the rats in the computer, an average rat only has a volume of less than half a litre.
richardathome@reddit
Remote Access Trojan I'm guessing.
Scottykl@reddit
Remote administration tool. Common for windows
dougmc@reddit
Technically correct, the right kind of correct!*
UnacceptableUse@reddit
https://www.malwarebytes.com/blog/threats/remote-access-trojan-rat
imp0ppable@reddit
So more of a HORSE
BattleRemote3157@reddit (OP)
yes obvious
mccoyn@reddit
It's not obvious and a web search for RAT doesn't mention it on the first page.
BattleRemote3157@reddit (OP)
ok yes it is Remote Access Trojan.
lighthawk16@reddit
Remote Access Tool. A trojan is the method for the RAT being added.
PrimozDelux@reddit
In the mouse driver dumbass...
9302462@reddit
Close, but you actually hide a RAT directly in the terminal as shown here https://ratty-term.org/
PrimozDelux@reddit
Hmm, but the rat is following the cursor!
DavidDavidsonsGhost@reddit
I think maybe we make 2026 the year of the development sandbox.
pixeltackle@reddit
We need a better rat trap.
Known-Volume1509@reddit
I wonder how long before crates.io goes in the same direction as npm? I admit I don't have much experience with the latter.