Popular npm Libraries Compromised in Phishing Attack on Maintainer
A methodical and coordinated supply chain attack on the npm ecosystem unfolded on September 8, 2025, when attackers successfully compromised the account of a prominent developer known as “Qix” via a phishing campaign. According to Wiz and BleepingComputer, the attackers used a spoofed domain (npmjs[.]help) to trick maintainers into revealing credentials under the pretense of updating outdated two-factor authentication. Once access was gained, multiple widely used packages, including chalk, debug, strip-ansi, and others, were modified and republished with obfuscated malicious payloads. The malicious versions remained live for approximately two hours (9:00 AM–11:00 AM EST) before being removed. Despite the short exposure window, the impacted packages collectively represent over 2.6 billion weekly downloads, and the malicious code was detected in at least 10% of cloud environments shortly after the incident.
The attack specifically targeted users interacting with the compromised packages via web applications. The payload embedded in the modified packages executes within the browser and hijacks cryptocurrency transactions by intercepting and rewriting wallet-related API calls before the user signs the transaction. Wiz explained, “if they were incorporated into frontend builds and shipped as web assets, any browsers loading the affected website would execute a malicious payload that hooks network and wallet APIs in order to silently rewrite cryptocurrency recipients/approvals before signing.” BleepingComputer corroborated this, quoting Aikido Security: “The malicious code only impacts individuals accessing the compromised applications over the web, monitoring for cryptocurrency addresses and transactions that are then redirected to attacker-controlled wallet addresses.” The code supports interception of Ethereum, Bitcoin, Solana, Tron, Litecoin, and Bitcoin Cash transactions and uses look-alike substitutions to mask malicious rewrites from users.
The scope of the campaign has since widened. Wiz reported that packages beyond those maintained by Qix, such as those in the DuckDB ecosystem, were also found to be compromised. Affected environments span both public and private cloud platforms, CI/CD pipelines, and frontend deployment systems. Impacted organizations were those that installed the tainted packages or their transitive dependencies during the attack window. Risk is especially high for any application involving cryptocurrency payment flows, browser-based wallet integrations, or decentralized finance components. Importantly, the malicious code does not persist on servers but resides in browser-delivered JavaScript, which can remain dangerous if cached or embedded in production assets.
Remediation efforts have included rapid removal of malicious versions, blocklisting affected packages, and invalidation of cached frontend assets. Wiz recommends clearing caches across developer environments and CI/CD systems, scanning application bundles for known obfuscated code patterns, and adding client-side integrity checks where possible. They also emphasize ongoing vigilance: “Treat the affected list as evolving, and assume that malicious versions of popular packages are still available for download.” Organizations should continue monitoring package registries, validating lockfiles for unsafe versions, and alerting users to any anomalous signing flows or unauthorized transfers.
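One way to carry out the lockfile validation step above, as an added example that is not part of the article or any vendor's tooling: a small Node.js scanner that walks `package-lock.json` for blocklisted package@version pairs, including transitive installs, for both lockfileVersion 1 (nested `dependencies`) and lockfileVersion 2/3 (`packages` keyed by node_modules path). The version strings in the blocklist are placeholders, since the article names the affected packages but not the malicious version numbers, and the sample lockfile is constructed.

```javascript
// Added example (not the article's or any vendor's code): find blocklisted
// package@version installs in an npm lockfile, transitive ones included.
// Placeholder blocklist: the article names packages but not bad versions.
const UNSAFE = new Map([
  ["chalk", new Set(["0.0.0-placeholder"])],
  ["debug", new Set(["0.0.0-placeholder"])],
  ["strip-ansi", new Set(["0.0.0-placeholder"])],
]);
// v2/v3 "packages" key -> package name, e.g.
// "node_modules/a/node_modules/@s/b" -> "@s/b" (scoped names kept intact).
function nameFromPath(p) {
  const i = p.lastIndexOf("node_modules/");
  return i === -1 ? null : p.slice(i + "node_modules/".length);
}
// Returns [{name, version, where}] for every blocklisted install found.
function scanLockfile(lock, unsafe = UNSAFE) {
  const hits = [];
  const check = (name, version, where) => {
    if (name && unsafe.get(name)?.has(version)) hits.push({ name, version, where });
  };
  if (lock.packages) {
    // v2/v3: flat map; each nested install has its own node_modules path.
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path !== "") check(nameFromPath(path), meta.version, path); // "" is the root project
    }
    return hits;
  }
  // v1: recurse through nested "dependencies" objects, recording the chain.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      check(name, meta.version, prefix + name);
      walk(meta.dependencies, `${prefix}${name} > `);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}
// Constructed v3 lockfile: a clean top-level chalk plus a tainted transitive
// debug pulled in by a hypothetical "some-cli" package.
const SAMPLE_V3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "app", version: "1.0.0" },
    "node_modules/chalk": { version: "5.3.0" },
    "node_modules/some-cli": { version: "2.1.0" },
    "node_modules/some-cli/node_modules/debug": { version: "0.0.0-placeholder" },
  },
};
```

Feed it the parsed contents of a real lockfile (`JSON.parse(fs.readFileSync("package-lock.json"))`) and a blocklist populated from the registry advisories for the incident.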