Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to deliver unknown payloads to targeted systems.
“The packages appear to be issued in pairs, each pair working in unison to fetch additional resources which are then decoded and/or executed,” software supply chain security firm Phylum said in a report released last week.
To that end, the order in which the package pairs are installed is critical to carrying out a successful attack, as the first of the two modules is designed to fetch a token from a remote server and store it locally. The campaign was first discovered on June 11, 2023.
The second package then passes this token, along with the operating system type, as parameters in an HTTP GET request to retrieve the second-stage script from the remote server. A successful request returns a Base64-encoded string that is executed immediately, but only if the string is longer than 100 characters.
Phylum reveals that the endpoint has so far returned only the string “bm8gaGlzdG9yeSBhdmFpbGFibGU=,” which decodes to “no history available,” implying either that the attack is still in progress or that the endpoint is engineered to return payloads only at certain times.
Another hypothesis is that the behavior depends on the IP address (and, by extension, the location) from which the request originating from the first package was sent when the token was generated.
The identity of the threat actor behind the operation is currently unknown, although the campaign has all the hallmarks of a “reasonably” sophisticated supply chain threat, given the length of time the adversary has been carrying out the attack and the steps taken to dynamically deliver the subsequent-stage payload to avoid detection.
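The two-stage chain above hinges on a simple gate: the second package decodes whatever the endpoint returns and runs it only when the response is longer than 100 characters. An analyst replaying captured responses in a sandbox wants to see which responses would have passed that gate and what they decode to, without ever executing anything. The following is an added example written for this article, not code from Phylum or from the malicious packages; the 100-character threshold and the observed “no history available” response come from the report, while the long response, the `analyze_stage2_response` function and its field names are constructed for illustration, and it assumes the gate is applied to the encoded string as returned.

```python
import base64
import binascii
from dataclasses import dataclass

# Gate described in the Phylum report: the fetched string is executed
# only if it is longer than 100 characters.
STAGE2_MIN_LENGTH = 100

# Response actually observed by Phylum (from the article).
OBSERVED_RESPONSE = "bm8gaGlzdG9yeSBhdmFpbGFibGU="

# Constructed stand-in for a "real" second-stage response: long enough to
# pass the gate, but the decoded content is a harmless placeholder string.
CONSTRUCTED_LONG_RESPONSE = base64.b64encode(
    b"// constructed placeholder, not a real payload //" * 3
).decode("ascii")

# Constructed junk to show how a non-Base64 body is reported.
CONSTRUCTED_GARBAGE = "not base64!!"


@dataclass
class StageTwoVerdict:
    """What the second-stage loader would have done with one response."""
    passes_length_gate: bool   # would the loader have executed it?
    decodable: bool            # is the body valid Base64 at all?
    decoded_text: str          # decoded content for analyst review (never executed)


def analyze_stage2_response(body: str) -> StageTwoVerdict:
    """Replay the loader's decision logic on a captured response body.

    The decoded bytes are only returned for inspection; this function never
    evaluates or executes them.
    """
    body = body.strip()
    passes = len(body) > STAGE2_MIN_LENGTH
    try:
        raw = base64.b64decode(body, validate=True)
        decodable = True
        text = raw.decode("utf-8", errors="replace")
    except (binascii.Error, ValueError):
        decodable = False
        text = ""
    return StageTwoVerdict(passes, decodable, text)


def triage(responses: dict[str, str]) -> dict[str, StageTwoVerdict]:
    """Analyze a batch of labelled responses, e.g. one per capture time."""
    return {label: analyze_stage2_response(body) for label, body in responses.items()}


if __name__ == "__main__":
    samples = {
        "observed": OBSERVED_RESPONSE,
        "constructed-long": CONSTRUCTED_LONG_RESPONSE,
        "constructed-garbage": CONSTRUCTED_GARBAGE,
    }
    for label, verdict in triage(samples).items():
        state = "WOULD EXECUTE" if verdict.passes_length_gate and verdict.decodable else "ignored"
        print(f"{label:20} gate={verdict.passes_length_gate!s:5} "
              f"base64={verdict.decodable!s:5} -> {state}: {verdict.decoded_text[:40]!r}")
```

Running the script shows the observed response is both short (28 characters) and benign text, so the loader would have done nothing with it; a response that passes the gate is flagged for review with its decoded prefix rather than run. Capturing the endpoint's responses over time, or from different source addresses, is how an analyst would test the timing and geolocation hypotheses the report raises.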
“It is very important that each package in a pair is executed sequentially, in the correct order, and on the same machine to ensure successful operation,” says Phylum. “This carefully orchestrated attack serves as a stark reminder of the ever-evolving complexity of modern threat actors in open source ecosystems.”
The disclosure comes as Sonatype discovered a set of six malicious packages in the Python Package Index (PyPI) repository – break-rcl, breakscolors, breakscolors2, breakscolors3, brokersrcl, and trexcolors – uploaded by an account named bankrupt.
“These packages target the Windows operating system and are identical in version,” said security researcher and journalist Ax Sharma. “After installation, the packages simply download and run trojans hosted on Discord servers.”
Also discovered by Sonatype is a package referred to as libiobe, which is capable of targeting both Windows and Linux. On Windows machines, the package delivers an information stealer, whereas on Linux it is configured to build a system profile and exfiltrate the information to a Telegram endpoint.
“It’s hard to say who will ultimately run packages with names like that or who they will target specifically,” Sharma said. “While these packages may not employ any new payloads or tactics, or have any clear targets, they are evidence of ongoing malicious attacks targeting open source software registries such as PyPI and npm.”