
New PhantomRaven NPM attack wave steals dev data via 88 packages

Published:

11 March 2026 at 17:09:42

Alert date:

11 March 2026 at 18:02:30

Source:

bleepingcomputer.com


Supply Chain & Dependencies, Data Breach & Exfiltration

The PhantomRaven campaign continues its supply chain attacks on the npm registry with a new wave of 88 malicious packages designed to steal sensitive data from JavaScript developers. It is an active threat to the software development ecosystem: developers are targeted directly through packages published to the widely used package manager, and the payload exfiltrates development data, putting both individual developers and their organizations at risk. The size of the wave (88 packages) indicates a coordinated and extensive campaign with significant downstream consequences for the JavaScript community and for the software built on these dependencies.

Technical details

The PhantomRaven campaign uses a Remote Dynamic Dependencies (RDD) evasion technique: the package.json lists dependencies at external URLs instead of registry versions, so no malicious code is embedded in the published package itself. When a developer runs 'npm install', the malware is fetched from the attacker's server and executed. The packages use 'slopsquatting', mimicking established projects such as Babel and GraphQL Codegen with names that look like those an LLM would suggest. The malware collects sensitive data, including e-mail addresses from .gitconfig and .npmrc, environment variables, and CI/CD tokens for GitHub, GitLab, Jenkins and CircleCI. System fingerprinting captures the IP address, hostname, operating system and Node.js version. Data is exfiltrated to C2 servers over HTTP GET/POST requests and WebSocket connections. The infrastructure uses domains containing the word 'artifact', hosted on Amazon EC2 without TLS certificates. The payload has remained nearly identical across waves, with 257 of 259 lines of code unchanged.

Mitigation steps:

Verify the legitimacy of building blocks before adopting them
Only use packages from reputable publishers
Avoid copy-pasting package suggestions from AI chatbots or other unvetted sources
Implement automated inspection of package dependencies
Monitor for Remote Dynamic Dependencies patterns in package.json files
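An added example, not code from the advisory or from the researchers it cites: a small Node.js checker that flags Remote Dynamic Dependency specifiers (dependencies pointing at URLs rather than registry versions) and install-time lifecycle scripts in a package.json, which is the pattern the mitigation above says to monitor for. The sample package.json and the `artifact.example.invalid` host are constructed for the demonstration.

```javascript
// Added example (not from the advisory): flag Remote Dynamic Dependency (RDD)
// specifiers and install hooks in a package.json. Run with: node rdd-check.js
const DEP_SECTIONS = ["dependencies", "devDependencies",
                      "optionalDependencies", "peerDependencies"];

// A specifier is "remote" if npm would fetch it from somewhere other than the
// configured registry: git URLs, http(s) tarballs, or GitHub shorthand.
function classifySpec(spec) {
  if (typeof spec !== "string") return null;
  const s = spec.trim();
  if (/^git\+/i.test(s) || /^(git|ssh):\/\//i.test(s) || /^git@/i.test(s)) return "git URL";
  if (/^https?:\/\//i.test(s)) return "http(s) URL (RDD)";
  if (/^github:/i.test(s) || /^[\w.-]+\/[\w.-]+(#.*)?$/.test(s)) return "GitHub shorthand";
  return null; // plain version/range, tag, or npm: alias -> resolved via the registry
}

function findRemoteDependencies(packageJsonText) {
  const pkg = JSON.parse(packageJsonText);
  const findings = [];
  for (const section of DEP_SECTIONS) {
    const deps = pkg[section];
    if (!deps || typeof deps !== "object") continue;
    for (const [name, spec] of Object.entries(deps)) {
      const reason = classifySpec(spec);
      if (reason) findings.push({ section, name, spec, reason });
    }
  }
  // Install-time hooks are where a fetched payload would get executed.
  const scripts = pkg.scripts || {};
  for (const hook of ["preinstall", "install", "postinstall"]) {
    if (typeof scripts[hook] === "string") {
      findings.push({ section: "scripts", name: hook, spec: scripts[hook],
                      reason: "install lifecycle script" });
    }
  }
  return findings;
}

// Constructed sample: one normal dependency, one RDD-style URL dependency,
// one GitHub shorthand dev dependency and a postinstall hook.
const SAMPLE_PACKAGE_JSON = JSON.stringify({
  name: "example-app",
  dependencies: { "lodash": "^4.17.21",
                  "some-helper": "http://artifact.example.invalid/some-helper-1.0.0.tgz" },
  devDependencies: { "other-tool": "github:someorg/other-tool" },
  scripts: { postinstall: "node setup.js" },
});

if (typeof require !== "undefined" && require.main === module) {
  for (const f of findRemoteDependencies(SAMPLE_PACKAGE_JSON)) {
    console.log(`${f.section}.${f.name}: ${f.reason} -> ${f.spec}`);
  }
}
```

Pointing the checker at every package.json under node_modules (not only the project root) catches the case the advisory describes, where the remote URL sits in a transitive dependency's manifest.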

Affected products:

npm registry
JavaScript development environments
Babel
GraphQL Codegen
Node.js
GitHub
GitLab
Jenkins
CircleCI

Related links:

Related CVEs:

Related threat actors:

IOCs:

Domains containing the 'artifact' keyword
Infrastructure hosted on Amazon EC2
No TLS certificates on the C2 domains
88 malicious packages distributed via 50 disposable accounts
257 of 259 identical code lines in the payload

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

This website shows information originating from external sources; Perceptive accepts no responsibility for the accuracy, completeness or timeliness of this information.
