npm packages associated with North Korea are masquerading as Rollup polyfill tools in an attempt to steal developers' sensitive information.
TL;DR: Six malicious npm packages posing as Rollup polyfill tools stole developer credentials and facilitated remote access in a campaign linked to Lazarus.
Security researchers at JFrog have discovered a group of malicious npm packages attributed to North Korean threat actors. The packages pose as genuine Rollup polyfill tools in order to steal developer credentials and give the attackers remote access to compromised systems. Two of them, named "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core", closely mimic the legitimate "rollup-plugin-polyfill-node" project, copying its description, repository details, and package layout. All six packages have since been removed from the npm registry.
The campaign uses a multi-stage delivery chain designed to evade detection. The first-stage packages pull in hidden second-stage dependencies disguised as SVG utilities; those in turn fetch a JSON object from a remote service and execute the payload embedded in it. JFrog noted that this design, together with the lookalike names, credible metadata, and environment checks that bail out inside sandboxes and cloud development platforms, matches earlier npm campaigns attributed to Lazarus.
Once running, the malware gives the attacker both data collection and control over the compromised machine. The payload harvests data from web browsers and cryptocurrency wallets, periodically records clipboard contents, and collects files with specific extensions. It also targets configuration files for developer tools such as VS Code, Windsurf, and Cursor, along with credentials for AWS, Microsoft Azure, Google Gemini, and Anthropic Claude, and SSH keys.
This campaign is part of a broader trend. In April, Panther researchers documented an ongoing Lazarus npm operation that released 108 malicious packages across 261 versions to deploy BeaverTail and OtterCookie, two known malware families linked to the Contagious Interview campaign. The latest packages exhibit similarities with OtterCookie, including the use of a modified keyboard and mouse control library that allows for interactive remote sessions, screenshot capture, and simulated user input on compromised Windows machines.
The disclosure coincides with a broader wave of supply chain attacks against open-source package registries. Researchers from Checkmarx, SafeDep, and AWS have separately uncovered clusters of malicious packages on npm and PyPI built to steal cloud credentials, cryptocurrency wallets, SSH keys, and developer secrets. Rollup plugins run on developer workstations and in CI build pipelines, environments that are increasingly exposed to supply chain compromise and that typically hold access to sensitive assets such as source code, API keys, and project secrets.
Published July 3, 2026 - 4:55 pm UTC