North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
North Korean hackers published 108 malicious packages and extensions in the PolinRider campaign.
Summary
North Korean threat actors, linked to the Contagious Interview campaign, have released 108 malicious packages and browser extensions across npm, Packagist, Go, and Google Chrome as part of the PolinRider campaign. The attackers weaponize job recruitment to target developers and cryptocurrency professionals, using social engineering to trick them into running malware. The campaign has compromised numerous GitHub repositories, with attackers compromising maintainer accounts and rewriting Git history to conceal malicious code.
Full text
Ravie Lakshmanan, Jul 04, 2026 (Cryptocurrency / Malware)

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider.

"The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts, modify legitimate repositories, and publish infected package versions where they retain or obtain registry access," Socket security researcher Karlo Zanki said in an analysis published this week.

The 162 malicious release artifacts span multiple release versions corresponding to 108 unique packages and extensions, including 19 npm libraries, 10 Composer packages, 61 Go modules, and one Google Chrome extension.

Contagious Interview is the moniker assigned to a North Korea-aligned campaign that weaponizes job recruitment to target software developers and individuals working in the cryptocurrency sector, using persuasive job interviews and assessments to trick them into executing malicious code. The activity is known to have been active since at least 2023. Attackers masquerade as recruiters or collaborators on platforms like LinkedIn, GitHub, or freelance websites, often setting up elaborate front companies and AI-generated employee profiles to build trust and ultimately deliver malware.

PolinRider was first flagged by the OpenSourceMalware team in March 2026, which described it as the threat actors implanting malicious obfuscated JavaScript payloads in hundreds of public GitHub repositories belonging to several unique owners to deliver a new variant of BeaverTail, a known JavaScript malware associated with Contagious Interview.
As of April 11, 2026, the activity has compromised 1,951 public GitHub repositories associated with 1,047 unique owners, while also merging with another cluster called TaskJacker that drops malicious VS Code task files into GitHub users' existing repositories. The VS Code tasks set the "runOn": "folderOpen" option, which makes the IDE execute the task's arbitrary command as soon as the folder is opened as a workspace folder in an editor like VS Code or Cursor.

"The threat actor is not using stolen GitHub credentials," OpenSourceMalware said. "Instead, the victims have been compromised via a malicious VS Code extension or npm package."

It's believed that the attackers are taking over maintainer accounts, likely through expired domain takeover or another account recovery path, to pull off the scheme.

Once executed, the malware searches the infected computer for certain files like "postcss.config.mjs," "tailwind.config.js," "eslint.config.mjs," "next.config.mjs," "babel.config.js," and "app.js," and, if found, appends malicious JavaScript code to them. It also uses a Windows batch script to stealthily modify the last commit while making the change appear to have been made by the original author. It's suspected that similar tools are being used to rewrite Git history on other operating systems like Linux and macOS.

"The core tradecraft remains consistent across the campaign: threat actors plant obfuscated JavaScript loaders in legitimate repositories, conceal the code through whitespace padding or fake .woff2 font files, and trigger execution through developer tooling such as VS Code task files," Socket said.

In the latest wave, the payload functions as a JavaScript malware loader that reaches out to blockchain infrastructure, including TRON, Aptos, and BNB Smart Chain services, to fetch an encrypted second-stage payload that unpacks to DEV#POPPER RAT and OmniStealer. This attack chain was detailed by eSentire in March 2026.
"The threat actors use Git history rewriting, including force pushes and antedated commits to make malicious changes appear older and less suspicious," Zanki said. "This makes the GitHub landing page and visible commit history unreliable indicators of compromise; defenders should review repository activity logs, package release metadata, VS Code task configuration, and suspicious changes to configuration files."

The development comes as JFrog uncovered a cluster of npm packages linked to Contagious Interview, some of which masqueraded as Rollup polyfill tools to enable remote access and data theft. Earlier this week, another set of npm and Go packages was identified as incorporating VS Code auto-run tasks to run JavaScript payloads disguised as fake font files, indicating tactical overlaps between Fake Font, TaskJacker, and PolinRider.

Users who have installed these packages should treat the environment as compromised, rotate exposed secrets from a clean machine, remove affected versions and rebuild from a known good lockfile, and audit developer workstations and repositories for hidden execution paths or suspicious commits that have modified ".vscode/tasks.json," "config.js," "vite.config.js," and "eslint.config.js" files.
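The audit the remediation advice above calls for (auto-run VS Code tasks, payloads appended to the named config files, and backdated commits from the history rewriting described earlier) can be scripted. The following is an added Python example written for this page; it is not code from the article, from Socket, or from OpenSourceMalware. The regex heuristics, the skew threshold, the sample repository files and the sample git log lines are all constructed assumptions for illustration, not campaign indicators.

```python
import json
import re
import tempfile
from pathlib import Path

# Config files the article names as targets for appended payloads.
CONFIG_TARGETS = {
    "postcss.config.mjs", "tailwind.config.js", "eslint.config.mjs", "next.config.mjs",
    "babel.config.js", "app.js", "config.js", "vite.config.js", "eslint.config.js",
}
SKIP_DIRS = {".git", "node_modules", "vendor"}

# Assumed heuristics for the hiding tricks the article describes (whitespace padding,
# obfuscated loaders, payloads in fake .woff2 fonts); tune them for your own code base.
SUSPICIOUS_PATTERNS = [
    (re.compile(r"\beval\s*\("), "eval() call"),
    (re.compile(r"new\s+Function\s*\("), "Function constructor"),
    (re.compile(r"String\.fromCharCode"), "char-code decoding"),
    (re.compile(r"[A-Za-z0-9+/=]{200,}"), "long base64-like blob"),
    (re.compile(r"\.woff2\b"), "reference to .woff2 file"),
    (re.compile(r"[ \t]{500,}"), "whitespace padding"),
]
RUNON_FALLBACK = re.compile(r'"runOn"\s*:\s*"folderOpen"')

def find_autorun_tasks(text):
    """Return the tasks in a tasks.json body that run automatically on folder open."""
    try:
        data = json.loads(text)
    except json.JSONDecodeError:
        # tasks.json may contain comments; if strict parsing fails, fall back to a
        # textual match so a commented file cannot slip past the audit.
        return [{"label": "<unparsed>", "command": "<inspect file>"}] if RUNON_FALLBACK.search(text) else []
    hits = []
    tasks = data.get("tasks") if isinstance(data, dict) else None
    for task in tasks or []:
        opts = task.get("runOptions") if isinstance(task, dict) else None
        if isinstance(opts, dict) and opts.get("runOn") == "folderOpen":
            argv = [str(task.get("command", ""))] + [str(a) for a in task.get("args", [])]
            hits.append({"label": task.get("label", "<unnamed>"), "command": " ".join(argv)})
    return hits

def scan_config_text(text):
    """Return the label of every suspicious pattern present in a config file."""
    return [label for pattern, label in SUSPICIOUS_PATTERNS if pattern.search(text)]

def audit_repo(root):
    """Walk a checkout and report auto-run tasks and config files with appended payloads."""
    root = Path(root)
    report = {"autorun_tasks": [], "config_findings": []}
    for path in root.rglob("*"):
        rel = path.relative_to(root)
        if not path.is_file() or any(part in SKIP_DIRS for part in rel.parts):
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        if path.name == "tasks.json" and path.parent.name == ".vscode":
            for task in find_autorun_tasks(text):
                report["autorun_tasks"].append({"file": rel.as_posix(), **task})
        elif path.name in CONFIG_TARGETS:
            findings = scan_config_text(text)
            if findings:
                report["config_findings"].append({"file": rel.as_posix(), "findings": findings})
    return report

def flag_antedated(log_lines, max_skew_days=7):
    """Flag commits from `git log --format=%H|%at|%ct` whose author date is much older
    than the committer date, the trace a backdated history rewrite usually leaves."""
    flagged = []
    for line in log_lines:
        sha, author_ts, commit_ts = line.strip().split("|")
        skew_days = (int(commit_ts) - int(author_ts)) / 86400
        if skew_days > max_skew_days:
            flagged.append((sha, round(skew_days, 1)))
    return flagged

def build_sample_repo(root):
    """Write constructed sample files (not real campaign artifacts) under root."""
    root = Path(root)
    (root / ".vscode").mkdir()
    (root / ".vscode" / "tasks.json").write_text(json.dumps({"version": "2.0.0", "tasks": [
        {"label": "build", "type": "shell", "command": "npm run build"},
        {"label": "prepare", "type": "shell", "command": "node", "args": ["scripts/setup.js"],
         "runOptions": {"runOn": "folderOpen"}},
    ]}))
    # A legitimate config with a padded, obfuscated loader appended after it.
    (root / "vite.config.js").write_text("export default { plugins: [] };\n" + " " * 600
                                         + "eval(String.fromCharCode(99,111,110,115,111,108,101));\n")
    (root / "node_modules" / "dep").mkdir(parents=True)
    (root / "node_modules" / "dep" / "app.js").write_text("eval('1');\n")  # skipped: dependency tree

# Constructed git log output: the second commit's author date is 90 days before its commit date.
SAMPLE_LOG = ["aaaaaaa|1780000000|1780000000", "bbbbbbb|1772224000|1780000000"]

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_repo(tmp)
        report = audit_repo(tmp)
    report["antedated_commits"] = flag_antedated(SAMPLE_LOG)
    return report
```

Run `audit_repo` against a fresh checkout rather than the working copy you have been opening in the IDE, and feed `flag_antedated` the output of `git log --format='%H|%at|%ct'` from that same checkout. The author/committer skew check only catches rewrites that left the committer date intact; when both dates were forged, the repository activity log and package release metadata the article points to are the remaining sources of truth.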
Indicators of Compromise
- malware — BeaverTail
- malware — DEV#POPPER RAT
- malware — OmniStealer