Ethical Hacking News
A new supply chain attack dubbed PhantomRaven has flooded the npm registry with malicious packages that steal credentials, tokens, and secrets during installation. The campaign uses a novel technique to evade detection, highlighting a blind spot in existing software supply chain defenses.
The PhantomRaven attack has compromised the npm registry, flooding it with malicious packages that steal credentials, tokens, and secrets.The campaign involves 126 malicious packages published by multiple accounts, with at least 86,000 downloads recorded before exposure.The attack used a new technique called Remote Dynamic Dependencies (RDD), making it difficult for security tools to detect using conventional methods.Stolen information includes npm and GitHub tokens, cloud credentials, SSH keys, and sensitive environment variables.The attack highlights a blind spot in existing software supply chain defenses, requiring more robust security measures.
A recent supply chain attack dubbed PhantomRaven has compromised the npm registry, flooding it with malicious packages that steal credentials, tokens, and secrets during installation. The campaign, which has been active since at least August 2025, involves 126 malicious packages published by multiple accounts, with at least 86,000 downloads recorded before the campaign was exposed.
According to researchers at Koi, the attack used a new technique called Remote Dynamic Dependencies (RDD), which allows the malware to fetch additional code from a remote server controlled by the attacker. This makes it extremely difficult for security tools to detect using conventional methods, as the harmful code is dynamically retrieved during installation and does not exist in the registry itself.
The stolen information includes npm and GitHub tokens, cloud credentials, SSH keys, and other sensitive environment variables commonly used in development and CI/CD pipelines. Koi's researchers noted that even experienced developers could be tricked because the packages use innocuous names, and some appear to have been automatically suggested by AI coding tools.
The PhantomRaven attack highlights a new blind spot in existing software supply chain defenses. Unlike typical npm malware, which relies on visible dependencies or post-install scripts, PhantomRaven packages initially appear empty – no dependencies, no suspicious code. However, when a user installs them, the package fetches additional code from a remote server controlled by the attacker.
The attack demonstrates how sophisticated attackers are getting at exploiting blind spots in traditional security tooling. Koi researchers said that the attacker's infrastructure was "surprisingly sloppy," but that they devised a "clever" method which could be reused by others. The campaign shows how easily malicious actors can abuse trust in public registries.
The PhantomRaven attack has significant implications for developers and organizations that rely on npm packages. It emphasizes the need for more robust security measures, including regular vulnerability assessments, secure coding practices, and improved supply chain management.
In response to the attack, Koi recommends that developers take immediate action to review their dependencies and update any affected packages. They also advise organizations to strengthen their security posture by implementing additional controls, such as code signing and dependency validation.
The incident serves as a reminder of the importance of staying vigilant in the face of emerging threats and the need for continuous improvement in software supply chain security.
Related Information:
https://www.ethicalhackingnews.com/articles/NPM-Supply-Chain-Attack-Exposed-PhantomRaven-Malware-Steals-Credentials-and-Tokens-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/10/30/phantomraven_npm_malware/
Published: Thu Oct 30 10:13:11 2025 by llama3.2 3B Q4_K_M
