Open Source Components Analyzed by Nexus Intelligence:


A History of Software Supply Chain Attacks

July 2017–Present



241 Cryptomining Packages Flood npm, PyPI

Sonatype's malware detection systems spotted 186 npm packages that were typosquats of popular libraries. All of these packages dropped cryptominers after infecting Linux systems. A security researcher, Hauke Lübbers, additionally discovered an identical attack on PyPI and shared with us a list of 55 offending Python packages.

PyPI Package ‘secretslib’ Drops Linux Malware to Mine Monero

Malicious 'secretslib' Python package drops second-stage payload in-memory to silently run XMRig and mine Monero.

‘Requests’ Library Typosquats Install Ransomware

We identified and analyzed multiple malicious Python packages that contain ransomware scripts and are typosquats of a legitimate, widely known library called 'Requests.'


JULY 2022

PyPI Packages Steal Telegram Cache Files, Add Windows Remote Desktop Accounts

Sonatype discovered malicious PyPI packages that set up new Remote Desktop user accounts on your Windows computer and steal encrypted Telegram data files from your Telegram Desktop client.

A Python Cryptominer Targeting Windows, Linux, macOS

We identified a suspicious PyPI component called 'python-dateutils' that mines Monero (XMR) cryptocurrency on your system—whether Windows, Linux, or macOS, and steals AWS credentials.


JUNE 2022

npm Malware Exfiltrates Windows SAM, Amazon EC2 Credentials

Sonatype security researchers analyzed npm packages '@core-pas/cyb-core' and 'notreallyapackagetrustme' that attempt to exfiltrate Amazon EC2 credentials as well as sensitive files such as ⁄etc/passwd on Linux, and SAM/SYSTEM on Windows.

Malware Kills Windows Defender to Drop a Trojan

npm package 'flame-vali' claims to let developers "bypass any request proxys." But instead it contains heavily obfuscated payload that makes several attempts to disable Windows Defender before it drops a trojan.

PyPI Packages Exfiltrate AWS Keys, env vars, Secrets

Multiple PyPI packages and typosquats caught by us this month exfiltrate AWS keys, environment variables, and other secret credentials. Users of these packages should immediately rotate their credentials.


MAY 2022

PyPI Package ‘ctx’ and PHP Library ‘phpass’ Compromised to Steal Environment Variables

Immensely popular PyPI package 'ctx' compromised in a supply chain attack and altered to steal environment variables from its users. Additionally, PHP project 'phpass' suffered a repo-hijacking attack with the project tained with an identical malicious payload to steal AWS keys.

New ‘pymafka’ Malicious Package Drops Cobalt Strike on macOS, Windows, Linux

We caught a 'pymafka' typosquat that drops Cobalt Strike payload across all platforms and targets developers using PyKafka, a legitimate Apache Kafka client for Python.

Malicious ‘rustdecimal’ Crate Found in Rust Repository

A malicious typosquat 'rustdecimal' was uploaded to the Rust's crate[.]io registry. The typosquat, named after the legitimate 'rust_decimal' concealed malicious code using carefully crafted XOR obfuscation. Sonatype's research team has analyzed the malware and added the typosquat to our security catalog to keep our customers protected.

Ongoing Campaign Targets ‘colors’ Library

We have now repeatedly seen the developers using the popular 'colors' library being targeted. Typosquats like colors-2.0, colors-update, colorsss are all attempts to make you fall for a nefarious clone of 'colors' laden with info-stealing trojans.

Apache Kafka Project Clone Leverages Dependency Confusion

The 'karapace' PyPI package caught and analyzed by Sonatype has the exact same name as the Python package on GitHub which is "An open-source implementation of Kafka REST and Schema Registry."

‘Bloat free’ Data Exfiltration Technique

In one of the suspicious npm packages Sonatype caught, we saw the npm package did nothing other than download another empty npm package from an external server, which made it all seem quite mysterious. But turns out, this PoC test by a researcher is a mere distraction technique for obtaining your IP address and username in a sleek manner.


APRIL 2022

VMware VSphere Dependency Confusion Attempt Caught by Sonatype

Sonatype's automated malware detection bots flagged a suspicious dependency that has the same name as a real package used by VMware VSphere SDK developers. PyPI took down the package following our report and VMWare confirmed no impact to users and its products in a statement.

500+ Malicious npm Packages Caught by Sonatype

From a 'fix-crash' npm package that steals your Discord info to 400 more malicious packages, caught in addition to those from March, that target Azure developers.

PyPI Takes Down Malicious ‘Distutil’ Package Imitating ‘distutils'

The name 'Distutil' might ring a bell as 'distutils' is a now-deprecated Python library that provided support for building and installing additional modules into a Python installation. 'Distutil' on the other hand contains obfuscated code and is, what looks like a typosquatting attempt.

Rise in ‘Protestware’ During Russia-Ukraine Crisis

Protestware—cases where maintainers behind popular open source projects sabotage their own software to make a point continue to ramp up. In days following the 'node-ipc' sabotage, maintainers behind npm libraries like 'event-source-polyfill', 'es5-ext' and 'styled-components' began adding peaceful anti-war messages to their packages.


MARCH 2022

Careful Out There: Open Source Attacks Continue To Be On the Uptick

We have identified 130 typosquatting packages on npm and a dozen malicious packages on the PyPI repository, at a time when the world is focused on the Russia-Ukraine crisis and governments are urging organizations to step up cyber security efforts in response to related malicious cyber incidents.

New ‘colors-2.0’, ‘colors-3.0’ Packages Are Malicious

To a casual observer, colors-2.0, colors-3.0, and other few may appear to be "newer" versions of the 'colors' library when that's far from the case. These packages are malware and tactfully named in a manner that may confuse a novice developer into mistaking them for the latest versions of official 'colors.'

A Cryptic ‘Reverse Shell’ Found Lurking in PyPI Packages

Don't be fooled by these Python packages that Sonatype has discovered this week on the PyPI registry. From a mysterious reverse shell to an AIOHTTP typosquat making a comeback for the third time!

86 Malicious npm Packages Named After Popular NodeJS Functions

Sonatype's automated malware detection bots have caught 86 npm packages that are named after popular NodeJS and JavaScript functions.

The development follows last week's discovery of over 400 malicious npm packages targeting Azure, Uber, and Airbnb developers—all caught by our malware detection system, offered as a part of Nexus Firewall.



Malicious PyPi Packages Steal Your Roblox Security Cookies and Discord Tokens

Sonatype's automated malware detection systems have once again caught malicious PyPI packages that steal your Roblox security cookies and Discord tokens and drop suspicious EXEs on your system.

PyPI, NuGet, and npm Flooded With Roblox and Fortnite Spam

Sonatype spots threat actors polluting open source repos with bogus packages containing spam links. After tracking a series of massive malware and spam campaigns, we explain why threat actors increasingly target game developers and abuse gaming platforms for their malware-hosting needs.

Trojanized PyPI Package Imitates a Popular Python Server Library

Sonatype has once again stumbled upon a malicious Python package—this time imitating a massively popular middleware library. But instead, this package drops a Remote Access Trojan (RAT) that compromises your system completely.

jQuery npm Typosquat Has a Fishy Surprise

The popular jQuery project has a mysterious sidekick that has popped - 'jquery-lh'. While the npm package does install real jQuery code, behind the scenes it does something fishy and unexpected.



Massively Popular "Colors" and "Faker" npm Libraries Sabotaged

Thousands of open source projects including those produced by companies like Facebook (Meta) and Amazon broke after the developer behind "colors" and "faker" intentionally sabotaged his own packages in protest of "Fortune 500" companies exploiting open source.

PyPI Flooded With More Than 1,200 Dependency Confusion Packages

On January 23rd, a user flooded the PyPI registry with 1,275 dependency confusion packages, as spotted by Sonatype's automated malware detection systems.



Crypto App Faces $5 Million Ransom Demand Following Log4j Hack

One of the largest Vietnamese crypto apps, ONUS,  suffered a cyber-attack due to a vulnerable Log4j version. Threat actors first approached ONUS with a $5 million ransom demand but put up their 2 million customer records for sale online after the company refused to pay.

Log4j Zero-day Sets the Internet on Fire With 'Log4Shell' Attacks

A critical zero-day in immensely popular logging framework, log4j, is disclosed along with a public PoC. Shortly, attackers began mass exploitation of the flaw to push malware on vulnerable servers. Soon enough, CISA issues advisory and a dedicated webpage to urge organizations to remediate Log4Shell attacks.

Malicious PyPI Packages With 10,000 Downloads Taken Down

These packages dropped trojans on Windows machines and attempted to pry on Apache Mesos instances on Linux systems.



Popular Library "coa" Gets Hijacked in an Identical Style as "ua-parser-js"

Malicious versions of "coa" broke React pipelines around the world until they were removed. These versions contained similar credential-stealing trojan as the one seen in hacked "ua-parser-js" versions.

Hours After "coa" Hijack Is Discovered, "rc" Is Hijacked, Too

Yet another popular npm package, "rc" with 14 million weekly downloads is hijacked to spread malware, merely hours after "coa" hack is spotted. The malware and attack style is identical, drawing a link between the threat actor behind both incidents. NPM pins the cause of both attacks to project maintainer's account compromise.



Newly Found npm Malware Mines Cryptocurrency on Multiple Devices

Between October 12–15, new npm cryptomining malware was found targeting Linux, macOS, Windows devices, and imitating the legitimate "ua-parser-js" package.

Popular "ua-parser-js" Library Attacked

On October 22, a popular "ua-parser-js" library with over 7 million weekly downloads was itself hijacked. The same cryptominers were found.

Fake npm Roblox API Package Installs Ransomware and has a Spooky Surprise

Between October 20 and 26, Sonatype discovered typosquatting packages that mimic noblox.js, a popular Roblox game API wrapper. The Obfuscated malware found in npm includes extra unwanted functionalities including trojans, ransomware, and even a spooky surprise.



Cryptocurrency Heist Stemmed from a Malicious GitHub Commit

SushiSwap's MISO cryptocurrency platform suffered a $3 million theft resulting from a software supply-chain attack. Just one malicious code commit made to Sushi’s private GitHub repository was enough to alter the company’s auction portal, and replace the authentic wallet address with the attacker's.


JULY 2021


A ransomware group discovered and exploited a zero-day vulnerability in a remote monitoring and management software platform used by dozens of managed security providers (MSP). Because these MSPs service thousands of downstream customers, the hackers were able to conduct a ransomware attack against 1,500 victims.


MAY 2021

Microsoft’s WinGet Flooded With Duplicate, Malformed Apps

The weekend after launching, Winget's software registry was flooded with pull requests for apps that were either duplicates or malformed. Some newly added duplicate packages were corrupted and ended up overwriting the existing packages, raising serious concerns about the integrity of the Winget ecosystem.


APRIL 2021


An attacker was able to gain access to a credential via a mistake in how Codecov were building Docker images. This credential then let them modify Codecov’s bash uploader script which was either used directly by customers or via Codecov’s other uploaders like their Github Action. The attacker used this modified script to steal credentials from the CI environments of customers using it.



Namespace Confusion

Three days after news broke of an ethical researcher hacking over 35 big tech firms in a novel supply-chain attack, more than 300 malicious copycat attacks were recorded. Within one month, more than 10,000 dependency confusion copycats had infiltrated npm and other ecosystems.




Threat actors gained access to SolarWinds dev infrastructure, and injected malicious code into Orion update binaries. 18,000 customers automatically pulled trojanized updates, planting backdoors into their systems and allowing bad actors to exploit private networks at will.


“CursedGrabber” Malware Discovered

Discovery of the malware, called xpc.js in the npm registry confirmed to be a part of the newly identified family of Discord malware named CursedGrabber. This malware targets Window hosts and steals Discord information, sending user information via webhook to the attacker.

Counterfeit Components Discovered in the npm Ecosystem

The series of components were identified as a successor to “fallguys” malware: discord.dll,, wsbd.js, and ac-addon. These components exfiltrate Discord and web browser’s “leveldb” files, as well as collect data such as IP address, “PC username,” “discordcanary” files, etc.

New npm Malware With Bladabindi Trojan Spotted

The malicious typosquatted packages jdb.js and db-json.js are found laced with a popular Remote Access Trojan (RAT), njRAT aka Bladabindi. Upon install, the malicious script engaged in data gathering and reconnaissance, ultimately launching patch.exe which is an njRAT written in .NET. This allows a remote attacker to log keystrokes, modify registry values, initiate system shutdown or restart at will, among other nefarious activities.



Brandjacking Malware Found in npm

The counterfeit package twilio-npm opens a backdoor on a user’s device, giving attackers control of the compromised machine and Remote Code Execution (RCE) capabilities.



Multiple npm Packages Vulnerable to Typosquatting Attacks

The electorn, loadyaml, lodashs, and loadyml packages have all been identified as vulnerable. Once installed, the packages collect and expose sensitive information, including IP address, geolocation, and device fingerprint, publishing this data to a public GitHub page.


MAY 2020

Octopus Scanner

26 open source packages were found to be compromised through malicious code injection. The malware was designed to enumerate and backdoor NetBeans projects through the NetBeans IDE.


APRIL 2020

Hundreds of Malware Gems found on RubyGems

400 gems were removed from the public repository for typosquatting and crypto mining malware. They include atlas-client (downloaded 2,100 times by developers).



Microsoft Spots Malicious JavaScript Package

The malicious npm package — 1337qq-js — exfiltrates sensitive information such as hard-coded passwords or API access tokens through install scripts and targets UNIX systems only.



Trojanized Python Libraries Removed

Two Python libraries, python3-dateutil and jeIlyfish, were caught stealing SSH and GPG keys from the projects or infected developers.


Computers Running Malicious npm Package Considered “Fully Compromised”

All versions of sj-tw-test-security are found to contain malicious code. The package downloads and runs a script that opens a reverse shell in the system, allowing a remote attacker to compromise the affected system.

Prototype Pollution Vulnerability Continues to Cause Problems

Taking advantage of a typosquatting exploit for lodash npm packages, all versions of the lodahs package contain malware designed to find and exfiltrate cryptocurrency wallets. Packages web3b and web3-eht were removed for the same exploit pattern.



Gem Packages Pulled From Repo

Three versions of the Gems package basic_authable, released in 2017, were yanked from the Gems repository due to their malicious nature.



Compromised Version of rest-client Maintainer Stole credentials, Installed Crypto Miners

A compromised version of rest-client, a popular HTTP and REST client for Ruby, was uploaded to RubyGems. Affected versions (1.6.10 to 1.6.13) were downloaded about 1,000 times. Similar vulnerabilities were found in Gem packages coming-soon and cron_parser.

Malicious Package Removed From npm Repository

The component bb-builder stole login information from the computers it was installed on, sending it to a remote server.


JULY 2019

Malicious Python Libraries Removed From PyPI

A security firm found three malicious Python libraries — libpeshnx, libpesh, and libari — uploaded on the official Python Package Index (PyPI) that contained a hidden backdoor which would activate when the libraries were installed on Linux systems.

RubyGems Component Found to Contain Malicious Code

This attack involves remote code execution in applications using or bundling the strong_password component. The hacker in this attack compromised the component and its dependencies — and locked out the gem maintainer


JUNE 2019

Cryptocurrency Attack on npm via Malicious Code Injection

An npm package contained code designed to steal cryptocurrency wallet seeds and other login instruction details specific to cryptocurrency apps. Tipped off by npm researchers, makers of the Agama cryptocurrency wallets shifted $13 million worth of currency before adversaries could steal it.

23 Malicious RubyGems Packages Discovered

Packages were pulled from the public repository because they contained code for cryptomining or cookie/password stealing.


MARCH 2019

Backdoored RubyGems Package Allows Remote Code Execution

A malicious version of the popular bootstrap-sass package, downloaded a total of 28 million times to date, and with 1.6K dependencies, is published to the RubyGems repository. 



Malicious Package Injected Into Popular npm Package

The injected code in the event-stream package targets the Copay application and was designed to harvest account details and private keys from accounts having a balance of more than 100 Bitcoin or 1,000 Bitcoin Cash.

JULY 2018

Compromised JavaScript Package Caught Stealing npm Credentials

A hacker gains access to a developer’s npm account and injects malicious code into a popular JavaScript library called eslint-scope, a sub-module of the more famous ESLint, a JavaScript code analysis toolkit.

Homebrew Repository Compromised

A GitHub API token leaked from Homebrew’s Jenkins provided a security researcher with access to core Homebrew software repos.

“If I were a malicious actor, I could have made a small, likely unnoticed change to the openssl formulae, placing a backdoor on any machine that installed it,” researcher Eric Holmes explained.


JUNE 2018

Linux Distro Hacked on GitHub

Unknown individuals gain control of the Github Gentoo organization and modified the content of repositories as well as pages within — all code considered compromised.


MAY 2018

Backdoored npm Package Discovered

npm security team responds to reports the getcookies package, which contained malicious code that allowed remote users to execute arbitrary code on servers. The investigation also revealed that an existing package called mailparser began listing http-fetch-cookies as a dependency. Despite being deprecated, mailparser still receives about 64,000 weekly downloads.

Backdoored PyPI Package Discovered

Python module ssh-decorator backdoored to collect users' SSH credentials and sent the data to a remote server.



Deleted GitHub Account Resurrected by Unknown User

After a developer deleted their go-bindata GitHub account, someone immediately grabbed the ID — inheriting the karma instilled in that ID and calling into question packages and sources.

npm Credentials Intentionally Compromised

A malicious version of a package from a core contributor to the conventional-changelog ecosystem is published. The package was installed 28,000 times in 35 hours and executed a Monero crypto miner.



“I’m harvesting credit card numbers and passwords from your site. Here’s how.”

David Gilbertson writes a fictional tale on his blog about creating a malicious npm package.



PyPI Typosquat

10 malicious Python packages found with misspelled names intentionally chosen to trick users. Evidence of the fake packages being incorporated into software was noted multiple times between June and Sept 2017.

JULY 2017

Typosquatting Attack on npm

39 packages harvested undetected over two weeks, collecting credentials used to publish to the npm repository itself.

npm Credentials Published Online

Affects access to 14% of the npm repo (79K packages). As a result, npm reset the passwords and auth tokens of over 1,000 developers.

17 Backdoored Images Created on Docker Hub

Username docker123321 uploads backdoored container images used to install reverse shells and cryptocurrency miners on users' servers. Images not removed until June 2018. The same username is later accused of poisoning a Kubernetes honeypot (Jan. 2018) and equated to a crypto-mining botnet (May 2018).


Additional Resources


2021 State of the Software
Supply Chain Report

Sonatype’s report blends a broad set of data to reveal important findings about open source and its increasingly important role in digital innovation.


What is Nexus Intelligence?

See how artificial intelligence and machine learning that never stops learning, plus 65 world class professionals with 500+ years of experience lead to the best data in the industry. 

Scanner Icon

Are Your Applications Secure?

Are you at risk of a software supply chain hack? Try Nexus Vulnerability Scanner for FREE to find out if your software has any open source security vulnerabilities.

Ready to Try Sonatype?

Secure and automate your software supply chain.