NPM Packages

At least 17 malware-laced packages have been discovered on the NPM package Registry, adding to a recent barrage of malicious software hosted and delivered through open-source software repositories such as PyPi and RubyGems.

DevOps firm JFrog said the libraries, now taken down, were designed to grab Discord access tokens and environment variables from users' computers as well as gain full control over a victim's system.


"The packages' payloads are varied, ranging from infostealers up to full remote access backdoors," researchers Andrey Polkovnychenko and Shachar Menashe said in a report published Wednesday. "Additionally, the packages have different infection tactics, including typosquatting, dependency confusion and trojan functionality."

The list of packages is below -

  • prerequests-xcode (version 1.0.4)
  • discord-selfbot-v14 (version 12.0.3)
  • discord-lofy (version 11.5.1)
  • discordsystem (version 11.5.1)
  • discord-vilao (version 1.0.0)
  • fix-error (version 1.0.0)
  • wafer-bind (version 1.1.2)
  • wafer-autocomplete (version 1.25.0)
  • wafer-beacon (version 1.3.3)
  • wafer-caas (version 1.14.20)
  • wafer-toggle (version 1.15.4)
  • wafer-geolocation (version 1.2.10)
  • wafer-image (version 1.2.2)
  • wafer-form (version 1.30.1)
  • wafer-lightbox (version 1.5.4)
  • octavius-public (version 1.836.609)
  • mrg-message-broker (version 9998.987.376)

As prior research has established, collaboration and communication tools like Discord and Slack have become handy mechanisms for cybercriminals, with Discord servers integrated into the attack chains for remotely controlling the infected machines and even to exfiltrate data from the victims.

"Cyber criminals are using Discord CDN to host malicious files as well as for command-and-control (C&C) communication," cybersecurity firm Zscaler noted in an analysis earlier this February. "Due to the static content distribution service, it is highly popular among threat actors to host malicious attachments that remain publicly accessible even after removing actual files from Discord."

AI vs. AI: Harnessing AI Defenses Against AI-Powered Risks

Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.

Supercharge Your Skills

In light of these disclosures, it's no surprise that the theft of Discord access tokens could enable threat actors to use the platform as a covert data exfiltration channel, distribute malware to other Discord users, and even sell Discord Nitro premium accounts to other third-parties, who can then use them for their own campaigns.

Even more troublingly, the package "prerequests-xcode" functioned as a full-fledged remote access trojan, a Node.JS port of DiscordRAT, that's equipped to capture screenshots, gather clipboard data, execute arbitrary VBScript and PowerShell code, steal passwords, and download malicious files, effectively granting the adversary the ability to take over the developer's system.

If anything, the development adds to an increasingly "disturbing trend" of using rogue packages as a stealthy compromise vector to facilitate an array of malicious activities, including supply-chain attacks.

"Public repositories have become a handy instrument for malware distribution: the repository's server is a trusted resource, and communication with it does not raise the suspicion of any antivirus or firewall," the researchers said. "In addition, the ease of installation via automation tools such as the NPM client, provides a ripe attack vector."

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.