Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
The Hacker NewsArchived May 18, 2026✓ Full text saved
Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP. The list of identified packages is below - chalk-tempalte (825 Downloads) @deadcode09284814/axios-util (284 Downloads) axois-utils (963 Downloads) color-style-utils (934 Downloads) "One of the packages (chalk-tempalte)
Full text archived locally
✦ AI Summary· Claude Sonnet
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
Ravie LakshmananMay 18, 2026Supply Chain Attack / Botnet
Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP.
The list of identified packages is below -
chalk-tempalte (825 Downloads)
@deadcode09284814/axios-util (284 Downloads)
axois-utils (963 Downloads)
color-style-utils (934 Downloads)
"One of the packages (chalk-tempalte) contains a direct clone of the Shai-Hulud source code that TeamPCP leaked last week, probably inspired as part of the supply chain attack competition that was published in BreachForums not long after," OX Security's Moshe Siman Tov Bustan said.
Interestingly, the malicious payloads embedded into the four npm packages are different, despite them being published by the same npm user, "deadcode09284814." As of writing, the four libraries are still available for download from npm.
An analysis of the packages has revealed that "axois-utils" is designed to deliver a Golang-based distributed denial-of-service (DDoS) botnet called Phantom Bot, with capabilities to flood a target website using HTTP, TCP, and UDP protocols. It also establishes persistence on both Windows and Linux machines by adding the payload to the Windows Startup folder and creating a scheduled task.
The remaining three drop a stealer payload on compromised systems. Of the three packages, the "chalk-tempalte" package contains a clone of the Shai-Hulud worm released by TeamPCP.
"The actor took the code, and almost without any change at all -- uploaded a working version with its own C2 server and private key into npm," OX Security said. "The stolen credentials are sent to the remote C2 server -- 87e0bbc636999b.lhr[.]life"
In addition, the data is exported to a new GitHub public repository using the stolen GitHub token via the API. The repository is given the description "A Mini Sha1-Hulud has Appeared."
The other two npm packages, "@deadcode09284814/axios-util" and "color-style-utils," carry a more straightforward functionality that siphons SSH keys, environment variables, cloud credentials, system information, IP address, and cryptocurrency wallet data to "80.200.28[.]28:2222" and "edcf8b03c84634.lhr[.]life," respectively.
"Threat actors are getting even more motivated to conduct supply chain and typo-squatting, as attacks become easier to perform with the Shai-Hulud code becoming open source," OX Security said. "We're now seeing a single actor with multiple techniques and infostealer types spreading malicious code onto npm, as it’s just the first phase of an upcoming wave of supply chain attacks coming."
Users who have downloaded the packages are uninstall them immediately, find and delete malicious configuration from IDEs and coding agents like Claude Code, rotate secrets, check for GitHub repositories containing the string "A Mini Sha1-Hulud has Appeared," and block network access to suspicious domains.
Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
SHARE
Tweet
Share
Share
SHARE
botnet, Cloud security, cybersecurity, ddos, GitHub, Infostealer, Malware, NPM, Supply Chain Attack
⚡ Top Stories This Week
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI and More Packages
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
Load More ▼
⭐ Featured Resources
[Webinar] Learn How to Handle Critical SOC Alerts With AI Support
[Guide] Stop Email Fraud Before It Turns Into Ransomware Damage
[eBook] Get the 3-Number SOC Diagnostic to Reduce Queue Risk
Identify Internal Attack Surfaces More Efficiently With a Free Assessment