On September 8, 2025, several widely used npm packages, including chalk, debug, and color, were found to be compromised in what is quickly becoming one of the largest open-source supply chain incidents to date. Together, these packages account for over 2 billion weekly downloads, making this compromise both high-risk and far-reaching.
Here’s what happened, how the attack worked, and how OPSWAT technologies can help defend against similar threats in the future.
Attack Summary
The attack began with a phishing campaign targeting a maintainer of one of the npm packages. A spoofed email from support@npmjs.help (a fake domain registered just days before the attack) tricked the victim into giving up credentials. With access to the maintainer’s npm account, attackers published malicious versions of the packages.
The injected code was purpose-built cryptostealer malware designed to hijack cryptocurrency transactions from end users interacting with wallets and decentralized apps (dApps).
This incident highlights again that open-source trust can be weaponized at any time, just like the ESLint supply chain hack in July 2025.
Attack Techniques Used
1. Browser-Specific Execution
The malware performed an environment check to ensure it only ran inside browsers. On servers or CI/CD pipelines, it stayed dormant, making detection harder.
2. API Interception
The malicious payload hooked into core web APIs including:
- window.fetch
- XMLHttpRequest
- window.ethereum (wallet providers)
This allowed the malware to silently spy on, intercept, and modify network requests.
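A defender-side check for exactly this kind of hooking, added here as an example and not code from the OPSWAT post: genuine browser builtins such as `fetch` and `XMLHttpRequest.prototype.open` stringify to `[native code]`, so a JavaScript wrapper placed over them is visible through `Function.prototype.toString`. Wallet providers like `window.ethereum` are themselves injected by an extension as plain JavaScript, so for `ethereum.request` the check instead compares against a reference captured as early as possible in page load. The "window" objects below are constructed stand-ins (Node builtins play the role of the browser APIs) so the snippet runs outside a browser.

```javascript
// Added example (not from the post): report hooked web APIs on a window-like object.

function isNativeFunction(fn) {
  if (typeof fn !== "function") return false;
  // Call the original toString so a patched fn.toString cannot lie about itself.
  return /\{\s*\[native code\]\s*\}\s*$/.test(Function.prototype.toString.call(fn));
}

// Capture a reference to the wallet provider's request method as early as
// possible (e.g. in an inline script before any third-party bundle runs).
function captureBaseline(win) {
  return { ethereumRequest: win.ethereum ? win.ethereum.request : undefined };
}

// Returns the names of entry points that no longer look like the originals.
function auditWalletApis(win, baseline) {
  const findings = [];
  const nativeChecks = [
    ["window.fetch", win.fetch],
    ["XMLHttpRequest.prototype.open", win.XMLHttpRequest && win.XMLHttpRequest.prototype.open],
    ["XMLHttpRequest.prototype.send", win.XMLHttpRequest && win.XMLHttpRequest.prototype.send],
  ];
  for (const [name, fn] of nativeChecks) {
    if (fn !== undefined && !isNativeFunction(fn)) findings.push(name); // absent API: nothing to check
  }
  // Injected providers are ordinary JavaScript, so the native-code test does not
  // apply; an identity change since the baseline is the signal instead.
  if (win.ethereum && baseline && baseline.ethereumRequest !== undefined &&
      win.ethereum.request !== baseline.ethereumRequest) {
    findings.push("window.ethereum.request");
  }
  return findings;
}

// Constructed sample: in a real page these are the actual browser globals.
function sampleCleanWindow() {
  return {
    fetch: Math.max,                                             // native stand-in
    XMLHttpRequest: { prototype: { open: Math.min, send: Math.abs } },
    ethereum: { request: function request(args) { return Promise.resolve(args); } }, // JS provider
  };
}

// Constructed hooked state for the detector to find: fetch and ethereum.request
// have been wrapped by pass-through closures, which is how an interceptor sits in.
function hookWindow(win) {
  const origFetch = win.fetch;
  win.fetch = function (...args) { return origFetch.apply(this, args); };
  const origRequest = win.ethereum.request;
  win.ethereum.request = (args) => origRequest(args);
  return win;
}

const demo = sampleCleanWindow();
const baseline = captureBaseline(demo);
console.log(auditWalletApis(demo, baseline));             // []
console.log(auditWalletApis(hookWindow(demo), baseline)); // [ 'window.fetch', 'window.ethereum.request' ]
```

Two gaps to keep in mind when using this: a function produced with `.bind()` or wrapped in a `Proxy` also stringifies as `[native code]` in V8, and a thorough hook can patch `Function.prototype.toString` itself, so treat a clean result as absence of evidence rather than proof, and pair it with the dependency audit.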
3. Transaction Hijacking
Once embedded, the malicious code went beyond passive observation and actively interfered with cryptocurrency activity. In particular, it scanned for wallet addresses and transaction payloads across multiple blockchains, including Ethereum, Solana, Bitcoin, Tron, Litecoin, and Bitcoin Cash.
From there, the payload executed a substitution technique:
- Replaced legitimate wallet addresses with attacker-controlled ones, using lookalike addresses generated with similarity checks (e.g., Levenshtein distance).
- This meant a transfer to 0xAbc123… could quietly become 0xAbc129… without raising suspicion.
- Crucially, the swap occurred before the user signed the transaction, so even though the UI displayed the correct address, the signed request was already altered under the hood.
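The same similarity measure the attackers used can serve the defender: because the swap happened between what the UI rendered and what the wallet was asked to sign, a dApp (or a wallet) can re-compare the two at the moment of signing. The example below is added here and is not part of the post; it implements Levenshtein distance, classifies the payload recipient as an exact match, a near-identical lookalike, or an unrelated address, and wraps that in a pre-sign guard for an EIP-1193 `eth_sendTransaction` request. The addresses and the distance threshold are constructed for the demo.

```javascript
// Added example (not from the post): pre-sign recipient check using edit distance.

// Classic Levenshtein edit distance with a single rolling row.
function levenshtein(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];       // d[i-1][j-1] as j advances
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];  // d[i-1][j]
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + cost);
      diag = above;
    }
  }
  return row[b.length];
}

// Hex (EVM) addresses compare case-insensitively; base58 addresses (Bitcoin,
// Solana, ...) are case-sensitive, so only the 0x form is lowercased.
function normalizeAddress(addr) {
  const s = String(addr).trim();
  return /^0x[0-9a-f]{40}$/i.test(s) ? s.toLowerCase() : s;
}

// Assumption for this example: a few edits out of ~40 characters is a lookalike.
const LOOKALIKE_MAX_DISTANCE = 4;

function checkRecipient(intended, actual, maxDistance = LOOKALIKE_MAX_DISTANCE) {
  const a = normalizeAddress(intended);
  const b = normalizeAddress(actual);
  if (a === b) return { verdict: "match", distance: 0 };
  const distance = levenshtein(a, b);
  return { verdict: distance <= maxDistance ? "lookalike" : "mismatch", distance };
}

// Guard placed immediately before the request is handed to the wallet.
// `displayedTo` is the recipient the UI rendered; `request` is the provider call.
function guardBeforeSigning(displayedTo, request) {
  if (request.method !== "eth_sendTransaction") return { allowed: true, reason: "not a transfer" };
  const tx = (request.params && request.params[0]) || {};
  const result = checkRecipient(displayedTo, tx.to || "");
  if (result.verdict === "match") return { allowed: true, reason: "recipient matches UI" };
  return { allowed: false, reason: `recipient ${result.verdict} (edit distance ${result.distance})` };
}

// Constructed sample addresses (not real accounts). LOOKALIKE differs from
// INTENDED by one character, mirroring the 0xAbc123… / 0xAbc129… swap above.
const INTENDED  = "0xabc123" + "0".repeat(34);
const LOOKALIKE = "0xabc129" + "0".repeat(34);
const UNRELATED = "0x" + "9".repeat(40);

console.log(guardBeforeSigning(INTENDED, { method: "eth_sendTransaction", params: [{ to: LOOKALIKE }] }));
// { allowed: false, reason: 'recipient lookalike (edit distance 1)' }
```

Both "lookalike" and "mismatch" block the request; the distinction only helps triage, since a one-character difference against the displayed address is a strong indicator of deliberate substitution rather than a user error. The guard only helps if the displayed value is read from state the hooked code cannot reach, so keep the comparison reference out of the same request object the interceptor rewrites.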
4. Stealth Evasion
The attackers also built in measures to ensure their malware remained hidden for as long as possible. Rather than making visible changes that could alert the victim, the payload operated quietly in the background:
- Avoided obvious UI swaps, so wallet interfaces appeared unchanged.
- Persisted silently, keeping its hooks active throughout the browsing session.
- Targeted both approvals and transfers, enabling not just the theft of funds, but also the manipulation of wallet permissions for future exploitation.
Why This Attack Is So Dangerous
- Massive scale: Billions of weekly downloads across affected packages.
- Cross-chain targeting: Not limited to Ethereum. Multiple major blockchains were affected.
- Invisible to users: Victims believed they were approving safe transactions.
- Ecosystem trust exploit: One compromised maintainer account rippled out across the npm ecosystem.
OPSWAT’s Response
OPSWAT SBOM technology with the latest database version is already capable of detecting and flagging these malicious packages.
OPSWAT SBOM technology is one of many industry-leading security solutions and technologies available in MetaDefender Core and MetaDefender Software Supply Chain:
- Vulnerability Analysis: Automatically scans dependencies for known vulnerabilities and malicious versions.
- Continuous Monitoring: Watches repositories like npm, PyPI, and Maven for suspicious changes.
- Multi-AV & Heuristics: Detects obfuscated malware hiding inside packages.
- CI/CD Integration: Blocks compromised dependencies before they are pulled into builds.
- SBOM Generation: Exports SBOM reports in standardized formats such as CycloneDX, SPDX, JSON, and PDF to support auditing and compliance purposes.
- Secrets Detection: OPSWAT Proactive DLP finds hardcoded secrets (passwords, API keys, tokens, etc.) embedded within the source code to prevent unauthorized access.
What You Should Do Now
- Audit dependencies: Check your projects for affected npm packages.
- Enhance phishing awareness: Train developers and maintainers to spot spoofed emails.
- Automate security with OPSWAT MetaDefender Software Supply Chain: Gain visibility into your software supply chain risks with continuous threat and vulnerability monitoring.
- Enforce strong account security: Maintain 2FA on all package registry accounts.
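A concrete way to do the first step, added here as an example rather than OPSWAT's own tooling: walk a `package-lock.json` (lockfileVersion 2 or 3, whose `packages` map lists every installed copy, including nested duplicates under `node_modules/<dep>/node_modules/`) and report each occurrence of the packages named in this post. The post does not give the malicious version numbers, so the script takes a map of known-bad versions as input; the lockfile, version strings and bad-version map below are constructed for the demo and must be replaced with the real advisory data before use.

```javascript
// Added example (not OPSWAT code): find watched npm packages in a lockfile.

const WATCHLIST = ["chalk", "debug", "color"]; // package names from the post

// "node_modules/express/node_modules/debug" -> "debug"; scoped names are kept whole.
function packageNameFromPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? lockPath : lockPath.slice(idx + marker.length);
}

// maliciousVersions: { [packageName]: [exact version strings] } from the advisory.
function findAffectedPackages(lockfile, maliciousVersions, watchlist = WATCHLIST) {
  const hits = [];
  const packages = lockfile.packages || {}; // lockfileVersion 2/3 only
  for (const [lockPath, entry] of Object.entries(packages)) {
    if (lockPath === "") continue;           // the root project itself
    const name = packageNameFromPath(lockPath);
    if (!watchlist.includes(name)) continue;
    const malicious = (maliciousVersions[name] || []).includes(entry.version);
    hits.push({ path: lockPath, name, version: entry.version, malicious });
  }
  return hits;
}

function auditLockfile(lockfile, maliciousVersions) {
  const hits = findAffectedPackages(lockfile, maliciousVersions);
  return { hits, malicious: hits.filter((h) => h.malicious) };
}

// Constructed sample lockfile; versions are invented and carry no meaning.
const SAMPLE_LOCKFILE = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { chalk: "^1.0.0", express: "^4.0.0" } },
    "node_modules/chalk": { version: "1.2.3" },
    "node_modules/express": { version: "4.5.6" },
    "node_modules/express/node_modules/debug": { version: "9.9.9" }, // nested copy
    "node_modules/color": { version: "7.8.9" },
  },
};
// Constructed placeholder for the advisory's bad-version list.
const SAMPLE_MALICIOUS = { debug: ["9.9.9"] };

// Run against a real lockfile: node audit.js ./package-lock.json
if (typeof require !== "undefined" && require.main === module) {
  const fs = require("fs");
  const lock = process.argv[2] ? JSON.parse(fs.readFileSync(process.argv[2], "utf8")) : SAMPLE_LOCKFILE;
  const { hits, malicious } = auditLockfile(lock, SAMPLE_MALICIOUS);
  for (const h of hits) console.log(`${h.malicious ? "MALICIOUS" : "present  "} ${h.name}@${h.version} at ${h.path}`);
  process.exitCode = malicious.length > 0 ? 1 : 0;
}
```

Reporting every occurrence, not just malicious ones, matters because a package can appear several times in one tree at different versions, and a transitive copy pulled in by another dependency is the one most likely to be missed when only the top-level `package.json` is reviewed. The non-zero exit code lets the same script gate a CI job.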
Key Takeaways
- Maintainer accounts are prime targets. Their security is your security.
- Supply chain attacks are scaling: billions of downloads can be weaponized instantly.
- Proactive monitoring and zero-trust tools like MetaDefender Software Supply Chain are no longer optional; they’re essential.
Closing Thought
This incident underscores how fragile the open-source ecosystem can be when just one trusted maintainer account is compromised. With billions of downloads at stake, organizations must recognize that supply chain security is as critical as endpoint or network security. Proactive visibility, continuous monitoring, and strong security practices are the best defense against the next open-source compromise.
Learn more about how OPSWAT SBOM and MetaDefender Software Supply Chain help secure your development pipelines and protect against open-source supply chain attacks.