Unprecedented Automation: IndonesianFoods Pits Open Source Against Itself

By Sonatype Security Research Team


Over the past year, we've seen a steady drumbeat of supply chain incidents targeting npm — each slightly different, but collectively pointing to the same truth: the open source ecosystem is being stress-tested in real time. 

This week, researchers discovered a startling new open source malware package that self-propagates every seven seconds. The worm, dubbed IndonesianFoods, looks like a stunt on the surface. So far, we've logged more than 100,000 packages associated with this campaign, including 55,688 that were previously unreported. It doesn't steal credentials, infect hosts, or exfiltrate secrets. Instead, it weaponizes scale: it consumes resources, overwhelms registries, and shows how easy it is to turn openness into disruption.

Industry researchers from SourceCodeRED initially reported finding nearly 45,000 packages associated with this campaign. Sonatype continues to track the affected packages, and our Release Integrity systems continue to discover newly affected items that we are adding to our data. 

The One That Didn't Spread

Sonatype's own telemetry shows this wasn't the first attempt. Back on September 10, our automated systems flagged a nearly identical npm package called fajar-donat9-breki. It contained the same self-propagating logic, the same structure, the same behavior. But unlike IndonesianFoods, it didn't spread. It's unclear why — perhaps it was never downloaded, or maybe it hit a dead end in testing — but the code was there.

That tells us something important: this wasn't a one-off stunt. It was a pattern in progress, an early rehearsal for the scale of what we're seeing now.

Curiosity Devolves Into Chaos

If this feels familiar to you, it should.

Last month, GlassWorm showed how quickly a self-replicating OpenVSX package could spread before anyone had time to react. Around the same time, the chalk and debug package hijackings revealed something even more concerning — attackers no longer need to create new packages at all. They can compromise trusted, widely used ones and instantly reach millions of developers. In September, there was Shai-Hulud, an attack that took cues from Dune's sandworm and spread through dependency confusion, exploiting automation to move faster than human response.

Each one of these incidents might look minor in isolation. None caused the sort of catastrophic fallout you'd expect from ransomware or data breaches. But the real signal isn't the payload — it's the pattern.

Sophistication Versus Scale

What's evolving isn't necessarily the attackers' cleverness; it's the speed and reach of their tactics. Automation is amplifying both the power to build and the power to break. The same scripts and pipelines that let us ship software faster are being turned against us. Every attack learns from the one before it, finding new ways to exploit the fundamental asymmetry of open ecosystems: one actor can move faster than an entire community can respond.

The IndonesianFoods worm doesn't have to be "sophisticated" to be dangerous. Registry maintainers and security researchers are overwhelmed addressing these packages in real time. While we haven't seen evidence of follow-on attacks, a distraction of this size gives attackers a window to infiltrate without being noticed.

Protect Your Developers

Even though this specific worm appears non-destructive, incidents like this underscore how fragile and automated the modern development process has become. A few proactive steps can dramatically reduce exposure to these kinds of events:

  • Lock down dependency versions: Don't automatically pull the latest versions from npm. Use a repository manager such as Sonatype Nexus Repository to control what enters your environment and maintain a known-good cache of approved components.

  • Monitor for abnormal publishing and install behavior: Self-replicating or fast-publishing packages are detectable with the right telemetry. Sonatype Repository Firewall detects and blocks anomalous or high-frequency publication activity before malicious code reaches your CI/CD pipeline.

  • Prioritize provenance and signatures: Adopt frameworks like Sigstore or use tools that enforce signed packages and trusted publishers. Sonatype Lifecycle can enforce these trust signals automatically.

  • Assume automation on both sides: Attackers are using scripts to move faster than human review can keep up. You'll need automated defenses that work at the same speed — policy enforcement, real-time anomaly detection, malware prevention, and continuous intelligence on new open source threats.
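A minimal version of the high-frequency publication check described in the second bullet, added here as an example (it is not Sonatype's code or the logic of Repository Firewall). It assumes registry publish events are available as (timestamp, publisher, package) tuples; the publisher names, package names and thresholds are made up, and the sample events are constructed to mimic the seven-second cadence described above:

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

TS_FMT = "%Y-%m-%dT%H:%M:%SZ"

# Constructed sample of registry publish events: (timestamp, publisher, package).
# "alice" and "bob" publish at a human pace; "worm-bot" (a made-up name) mimics
# the seven-second cadence described above: 12 packages in under 80 seconds.
_start = datetime(2025, 11, 10, 9, 0, 0)
SAMPLE_EVENTS = [
    ("2025-11-10T08:00:00Z", "alice", "left-padder"),
    ("2025-11-10T10:30:00Z", "alice", "left-padder"),
    ("2025-11-10T14:00:00Z", "alice", "csv-tools"),
    ("2025-11-10T12:00:00Z", "bob", "tiny-logger"),
    ("2025-11-10T13:00:00Z", "bob", "tiny-logger"),
] + [
    ((_start + timedelta(seconds=7 * i)).strftime(TS_FMT), "worm-bot", f"sample-pkg-{i}")
    for i in range(12)
]


def find_fast_publishers(events, window=timedelta(minutes=5),
                         min_burst=10, max_median_gap_s=30.0):
    """Return {publisher: report} for publishers whose cadence looks automated:
    at least `min_burst` publishes inside one sliding `window` AND a median gap
    between consecutive publishes of at most `max_median_gap_s` seconds.
    The thresholds are assumptions; tune them against your registry's baseline."""
    by_publisher = defaultdict(list)
    for ts, publisher, package in events:
        by_publisher[publisher].append((datetime.strptime(ts, TS_FMT), package))

    flagged = {}
    for publisher, items in by_publisher.items():
        items.sort()
        times = [t for t, _ in items]
        # Two-pointer sweep: largest number of publishes inside any one window.
        burst, j = 0, 0
        for i, t in enumerate(times):
            while t - times[j] > window:
                j += 1
            burst = max(burst, i - j + 1)
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        med = median(gaps) if gaps else None
        if burst >= min_burst and med is not None and med <= max_median_gap_s:
            flagged[publisher] = {"burst": burst, "median_gap_s": med,
                                  "packages": sorted({p for _, p in items})}
    return flagged
```

Running `find_fast_publishers(SAMPLE_EVENTS)` flags only `worm-bot`; the same two signals (burst count within a window and median inter-publish gap) can be applied to install telemetry from a repository manager to catch a worm that is spreading into your own environment.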

Sonatype customers can rest assured that all affected components have been added to our knowledge base. Any applications impacted by this campaign are continuously monitored, with proactive alerts delivered as new developments emerge. Our customers can also leverage advanced search in Sonatype IQ Server to quickly identify and assess affected applications under monitoring.

The Bigger Picture

Sonatype has long tracked the shift from isolated malicious packages to automated, self-replicating campaigns, and this incident underscores how one piece of self-replicating malware can overwhelm an open source registry. These aren't isolated curiosities — they're pressure tests on the digital infrastructure that underpins our economy.

Every worm, hijack, or takeover is asking the same question: Can the software supply chain withstand the next wave of automation?

With visibility across millions of open source projects and years of historical data, we've seen the warning signs before they hit the front page. IndonesianFoods won't be the last, but it's another reason to strengthen the guardrails before the next worm arrives with more than just noise.


Written by Sonatype Security Research Team

Sonatype's Security Research Team is focused on bringing real-time, in-depth intelligence and actionable information about open source and third party vulnerabilities to Sonatype customers.
