Malware Found in NPM Packages with 1 Million Weekly Downloads

Malware attacks on NPM packages have put over a million weekly downloads at risk, underlining the growing threat landscape in the software supply chain. This breach exposes countless developers to remote access trojans, data theft, and destructive code. Find out what happened, how it impacts the community, and what you can do next.

Introduction: An Unprecedented Supply Chain Breach

“Malware found in NPM packages” is no longer a theoretical scenario—this is now the reality for developers worldwide. On June 8, 2025, cybersecurity researchers discovered that 16 React Native NPM packages—with over 1 million weekly downloads—were compromised in an aggressive software supply chain attack. This campaign demonstrates not just the technical sophistication of the attackers but also the widespread risk to organizations that rely on open-source JavaScript libraries for critical business operations.^{[2], [3]}

How Did the Malware Enter the NPM Ecosystem?

Attackers targeted 17 popular @react-native-aria Gluestack packages, publishing new versions laced with a remote access trojan (RAT) in early June 2025. The compromised packages began spreading after a malicious version of @react-native-aria/focus was released. Within hours, nearly all Gluestack React Native Aria packages were infected. Given these packages’ popularity, the scale of potential impact is staggering.^[3]

The Technical Anatomy of the Attack

The injected RAT grants attackers full remote control over any system running the compromised packages. The malware can:

• Execute arbitrary shell commands on target machines.
• Upload and download files—potentially leaking sensitive data or introducing further malicious payloads.
• Maintain persistence on Windows systems by embedding itself in specific local directories (%LOCALAPPDATA%\Programs\Python\Python3127), making removal challenging.
• Communicate with external command-and-control servers, ensuring ongoing access and data exfiltration.

To remain hidden, the attackers employed whitespace-based obfuscation. This clever evasion technique hides harmful scripts well off the visible area in common code editors, allowing them to slip past even cautious developer eyes.^{[2], [3]}

Destruction and Intelligence Gathering: Beyond Simple RATs

Besides the Gluestack packages, researchers found two additional rogue packages—express-api-sync and system-health-sync-api—that take a more destructive approach. When triggered, these packages can delete the entire contents of a project directory, erasing source code, configuration files, and databases. More dangerously, system-health-sync-api also functions as an info-stealer and adjusts its file-deletion commands to target both Windows and Linux systems effectively.^{[1], [4]}

Who Is at Risk?

Any organization or developer that installed the affected packages between June 6 and June 8, 2025, is potentially exposed. Major software enterprises and countless smaller projects depend on NPM’s open-source ecosystem. If your application relies on Gluestack’s React Native Aria packages, immediate auditing is essential.

What Can Developers and Organizations Do?

Reacting quickly is crucial. Here are key steps you should take now:

• Audit dependencies: Check your project’s package.json and package-lock.json for compromised versions, especially any Gluestack @react-native-aria packages.
• Update immediately: Upgrade to patched versions provided by maintainers or remove affected packages entirely.
• Monitor systems: Scan for communications with known C2 servers (136.0.9[.]8, 85.239.62[.]36) and check for unusual persistence mechanisms in Windows directories.
• Consider incident response: If you find signs of compromise, investigate host systems, reset credentials, and follow your organization’s security protocols.
• Improve supply chain hygiene: Use automated tools to monitor dependencies for malicious updates and consider solutions that flag suspicious behavior in third-party packages.

What Does This Mean for the Wider Open Source Community?

This latest incident is a stark reminder: as open-source software underpins more of the global digital infrastructure, the attack surface grows. Threat actors know that a single compromised package can grant access to thousands of downstream targets. Therefore, developer vigilance, layered security, and community coordination are more important than ever.

Further Reading and References

• The Hacker News: New Supply Chain Malware Operation Hits npm and PyPI
• SecurityBrief: Malware hits 16 React Native npm packages, 1m downloads at risk
• BleepingComputer: Supply chain attack hits Gluestack npm packages with 960k weekly downloads
• BleepingComputer: Malicious npm packages posing as utilities delete project directories