Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages
Summary:
Researchers from the Socket Threat Research Team have exposed a sophisticated and ongoing North Korean supply chain attack embedded within the npm ecosystem. This campaign, attributed to the Contagious Interview operation, involved the publication of 35 malicious npm packages across 24 accounts, six of which remain live and have been downloaded more than 4,000 times. These packages contain a custom hex-encoded loader, HexEval, which collects host metadata and, when activated, downloads and executes BeaverTail, a second-stage infostealer. BeaverTail can further deploy InvisibleFerret, a third-stage backdoor, enabling deep, layered access to the infected machine. Some packages also include keyloggers, expanding the attackers' surveillance capabilities across Windows, macOS, and Linux platforms.
The attackers leverage social engineering on LinkedIn, impersonating recruiters and sending coding assignments embedded with these malicious dependencies. They encourage victims, typically developers seeking remote jobs, to execute the code outside containerized environments during screen-sharing sessions. This tactic helps bypass common sandboxing defenses and ensures the malware executes fully. The campaign's initial access often starts with personalized outreach based on prior OSINT collection. Fake recruiters share job listings and assessments through platforms like Google Docs and Bitbucket, embedding the malware within project codebases.
HexEval obfuscates communication with command-and-control servers using hex-encoded strings, making it harder for static scanners to detect. Upon installation, it contacts one of several rotating endpoints to retrieve the next payload. These endpoints sometimes serve non-malicious content, such as IP geolocation data, possibly to evade detection or selectively target victims. Among the packages, some like jsonsecs include advanced keyloggers compiled for multiple operating systems, demonstrating the adversary’s ability to customize payloads for deeper surveillance based on the victim’s environment.
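The loader's reliance on hex-encoded string literals is itself a detectable artifact. As an added example (not Socket's code or anything from the packages described), the following Node.js scanner decodes quoted hex literals in JavaScript source and flags any that decode to loader-like content such as URLs or process-spawning calls; the heuristic list and the sample source are constructed for this example, and the URL in it is a placeholder.

```javascript
// Added detection example: find quoted hex string literals (at least 8 bytes) in JS
// source, decode them and report those whose plaintext looks like a staging URL or
// an execution primitive. Ordinary hex values (hashes, ids) decode to non-printable
// bytes and are dropped by the printable-ratio check.
const HEX_LITERAL = /(["'`])((?:[0-9a-fA-F]{2}){8,})\1/g;

// Hypothetical heuristic list of what a decoded loader string tends to contain.
const SUSPICIOUS = [/https?:\/\//i, /\beval\b/, /child_process/, /new Function/, /require\(/];

function decodeHexLiterals(source) {
  const hits = [];
  for (const m of source.matchAll(HEX_LITERAL)) {
    const decoded = Buffer.from(m[2], 'hex').toString('utf8');
    // Keep only decodings that are mostly printable ASCII text.
    const printable = decoded.replace(/[^\x20-\x7e\n\r\t]/g, '').length / decoded.length;
    if (printable >= 0.9) hits.push({ hex: m[2], decoded });
  }
  return hits;
}

function scanSource(source) {
  return decodeHexLiterals(source)
    .map(h => ({ ...h, reasons: SUSPICIOUS.filter(re => re.test(h.decoded)).map(re => re.source) }))
    .filter(h => h.reasons.length > 0);
}

// Constructed sample: one ordinary hex id (must not fire) and two encoded literals
// that decode to a placeholder URL and a child_process reference.
const hexOf = s => Buffer.from(s, 'utf8').toString('hex');
const SAMPLE = [
  'const sha = "9f86d081884c7d659a2feaa0c55ad015";',
  `const a = "${hexOf('https://example.invalid/api/ipcheck')}";`,
  `const b = "${hexOf('require("child_process").exec')}";`,
  'module.exports = { a, b };',
].join('\n');

for (const f of scanSource(SAMPLE)) console.log(f.decoded, '->', f.reasons.join(', '));
```

Run over a package's unpacked tarball (for example each file under node_modules/<pkg>) before installing; a positive hit warrants reading the file rather than running it.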
Security Officer Comments:
The BeaverTail malware retrieved by the loader is a known DPRK tool that scans local file systems for browser data, cryptocurrency wallets, and other sensitive artifacts, adjusting its behavior by OS. It can fetch additional payloads like InvisibleFerret, which serves as a persistent access tool, furthering the infection chain. The evolution of the campaign reveals that after initial variants directly embedded BeaverTail, the attackers pivoted to using loaders like HexEval to avoid detection. This shift, first tracked in April 2025, has since been observed in dozens of malicious packages, with many likely deleted by npm shortly after discovery. This campaign reflects a growing trend of malware being distributed via trusted open-source ecosystems, blending technical sophistication with social engineering. It exploits the trust developers place in recruitment processes and public package repositories. The malware delivery method, via typosquatted and lookalike packages such as react-plaid-sdk and vite-plugin-tools, shows a deliberate effort to mimic popular software libraries. Naming conventions and packaging are engineered to appear harmless, allowing them to evade scrutiny until after installation.
Suggested Corrections:
To mitigate this threat, organizations and developers should employ proactive defenses against supply chain attacks. Relying solely on static code analysis and metadata checks is no longer effective. Developers should verify the authenticity of recruiters and job opportunities, avoid executing code provided via unsolicited sources, and always run unfamiliar code within isolated or containerized environments. Browser extensions from security vendors can also alert users when visiting known malicious package pages. By combining technical controls with cautious operational practices, developers can defend against adversaries who continue to adapt their methods for stealth and precision.
Link(s):
https://socket.dev/blog/north-korea...-campaign-drops-35-new-malicious-npm-packages