npm packages associated with North Korea are masquerading as Rollup polyfill tools to extract sensitive information from developers.
TL;DR: Six malicious npm packages, posing as Rollup polyfill tools, have stolen developer credentials and facilitated remote access in a campaign associated with Lazarus.
Security researchers from JFrog have discovered a series of harmful npm packages connected to North Korean threat actors that mimic legitimate Rollup polyfill tools to steal developer credentials and allow remote access to affected machines. The packages, named “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core,” replicate the authentic “rollup-plugin-polyfill-node” in terms of description, repository metadata, and package structure. All six packages linked to this campaign have now been removed from the npm registry.
The attack employs a multi-layered delivery process meant to avoid detection. Initial packages install concealed second-stage dependencies disguised as SVG utilities, which subsequently retrieve a JSON object from a remote server and execute the payload contained within it. JFrog indicated that this structure, along with similar names, convincing metadata, and environment checks to evade sandboxes and cloud development environments, aligns with previous npm campaigns linked to Lazarus.
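As an added example (not code from JFrog, npm or the Rollup project), the following Node.js audit walks a constructed dependency list and flags the impersonation signals described above: a name and cloned description/repository metadata that mirror the genuine rollup-plugin-polyfill-node, plus any install-time lifecycle script (an assumed extra check a defender would want, not something the article states about these packages). All metadata values, URLs and script names are constructed.

```javascript
// Added example (not JFrog's or any npm project's code); all names, URLs and scripts are constructed.
const TRUSTED = { // genuine package whose metadata the impersonators clone; values are placeholders
  'rollup-plugin-polyfill-node': {
    description: 'Polyfill Node.js builtins for browser bundles',
    repository: 'https://github.com/example/rollup-plugin-polyfill-node',
  },
};
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];
// Split a package name into tokens, ignoring an npm scope prefix.
const tokens = (name) => new Set(name.replace(/^@[^/]+\//, '').split(/[-_.]/));
// Fraction of the trusted name's tokens that reappear in the candidate name.
function nameOverlap(candidate, trusted) {
  const t = tokens(trusted);
  let shared = 0;
  for (const tok of tokens(candidate)) if (t.has(tok)) shared += 1;
  return shared / t.size;
}
// Returns the reasons a package looks suspicious (empty array = nothing found).
function auditPackage(pkg) {
  const reasons = [];
  for (const [trustedName, meta] of Object.entries(TRUSTED)) {
    if (pkg.name === trustedName) continue; // the genuine package itself
    const cloned = (pkg.description && pkg.description === meta.description) ||
      (pkg.repository && pkg.repository === meta.repository);
    if (cloned) reasons.push(`metadata-clone:${trustedName}`);
    if (nameOverlap(pkg.name, trustedName) >= 0.5) reasons.push(`lookalike-name:${trustedName}`);
  }
  for (const hook of INSTALL_HOOKS) {
    if (pkg.scripts && pkg.scripts[hook]) reasons.push(`install-hook:${hook}`);
  }
  return reasons;
}
function audit(packages) {
  return packages.map((p) => ({ name: p.name, reasons: auditPackage(p) }))
    .filter((f) => f.reasons.length > 0);
}
// Constructed dependency list: the genuine plugin, an impersonator using one of the
// names from the article, and a hidden "SVG utility" that runs code at install time.
const SAMPLE_DEPS = [
  { name: 'rollup-plugin-polyfill-node', description: 'Polyfill Node.js builtins for browser bundles',
    repository: 'https://github.com/example/rollup-plugin-polyfill-node', scripts: {} },
  { name: 'rollup-packages-polyfill-core', description: 'Polyfill Node.js builtins for browser bundles',
    repository: 'https://github.com/example/rollup-plugin-polyfill-node', scripts: { postinstall: 'node setup.js' } },
  { name: 'svg-utils-helper', description: 'SVG helpers', scripts: { preinstall: 'node index.js' } },
];
console.log(JSON.stringify(audit(SAMPLE_DEPS), null, 2));
```

In a real pipeline the entries would come from `npm ls --json` or the lockfile, and a hit on any reason should block the build until a human reviews the package.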
Once the later stages are activated, the malware provides the attacker with both information-gathering and control capabilities on the compromised machine. The payload can extract data from web browsers and cryptocurrency wallets, periodically capture clipboard content, and collect files with specific extensions. It also targets configuration files for developer tools such as VS Code, Windsurf, and Cursor, as well as credentials for AWS, Microsoft Azure, Google Gemini, Anthropic Claude, and SSH keys.
This campaign is part of a larger trend. In April, researchers at Panther documented an ongoing Lazarus npm operation that released 108 malicious packages across 261 versions to distribute BeaverTail and OtterCookie, two malware families related to the Contagious Interview campaign. The latest packages exhibit characteristics similar to OtterCookie, including the implementation of a modified library for keyboard and mouse control that allows for interactive remote terminal sessions, screenshot capturing, and simulated user actions on compromised Windows systems.
This revelation comes amidst a wider surge of supply chain attacks targeting open-source package repositories. Researchers from Checkmarx, SafeDep, and AWS's Chi Tran have also identified multiple clusters of malicious packages on npm and PyPI that steal cloud credentials, cryptocurrency wallets, SSH keys, and developer secrets. Rollup plugins are frequently loaded from developer workstations and CI build pipelines, environments that have become increasingly susceptible to supply chain breaches and often contain access to sensitive assets like source code, API keys, and project secrets.