A widely used npm package, rand-user-agent, with approximately 45,000 weekly downloads, has been compromised in a supply chain attack. The malicious version injects obfuscated code that deploys a remote access trojan (RAT) on affected systems. This incident follows a broader trend of npm package compromises in 2024–2025, including high-profile cases involving @rspack/core, @lottiefiles/lottie-player, and the official xrpl package1, 2, 3.
Attack Overview
The compromised version of rand-user-agent contains obfuscated JavaScript that activates upon installation. The payload establishes a connection to a command-and-control (C2) server, enabling remote execution of arbitrary commands. Unlike recent cryptomining-focused attacks (e.g., the Rspack and Vant compromises), this campaign appears focused on persistent access4. The attack shares similarities with the November 2024 lottie-player incident, where malicious updates were pushed via stolen npm tokens3.
Technical Analysis
Analysis of the obfuscated code reveals several key behaviors:
- Dynamic import of secondary payloads from
http[:]//185.129.62[.]93/agent.js - Process enumeration to avoid security tools (e.g., “wireshark”, “fiddler”)
- Base64-encoded C2 communications over HTTPS
The attack leverages npm’s automatic update mechanisms, where many projects use version ranges (e.g., ^1.2.3) that automatically pull in minor updates. This allowed the malicious version to spread rapidly before detection.
Mitigation Strategies
Organizations should implement the following measures:
| Action | Implementation |
|---|---|
| Dependency Pinning | Use exact versions (e.g., "rand-user-agent": "1.0.4") instead of ranges |
| Behavioral Monitoring | Tools like Socket.dev can detect suspicious package behaviors pre-installation |
| Token Rotation | Maintainers should rotate npm/GitHub tokens every 90 days |
Sonatype’s automated malware detection systems flagged the package within 12 hours of the malicious update, demonstrating the effectiveness of real-time monitoring2.
Broader Implications
This attack highlights three critical vulnerabilities in the npm ecosystem:
- Over-reliance on maintainer account security (single-factor authentication remains common)
- Automatic update behaviors in package managers
- Limited code review for transitive dependencies
The 2024–2025 surge in npm supply chain attacks has prompted CISA to recommend attestation checks for all package updates5. Enterprises are increasingly adopting tools like Sigstore for cryptographic verification of package integrity.
Conclusion
The rand-user-agent compromise demonstrates the evolving sophistication of npm supply chain attacks, shifting from opportunistic cryptomining to targeted remote access. Organizations must assume that any npm dependency could become compromised and architect their defenses accordingly. Immediate actions should include auditing all projects using rand-user-agent, reviewing dependency update policies, and implementing behavioral analysis for npm installations.
References
- “Rspack npm Packages Compromised with XMRig Malware,” The Hacker News, Dec. 20, 2024. [Online]. Available: https://thehackernews.com/2024/12/rspack-npm-packages-compromised-with.html
- “Vant npm Package Compromise,” Sonatype Blog, Dec. 23, 2024. [Online]. Available: https://www.sonatype.com/blog/npm-packages-rspack-vant-compromised-blocked-by-sonatype
- “Lottie-Player Wallet-Draining Attack,” Infosecurity Magazine, Nov. 25, 2024. [Online]. Available: https://www.infosecurity-magazine.com/news/npm-package-lottieplayer-supply
- “Supply Chain Attack Hits npm Package with 45,000 Weekly Downloads,” BleepingComputer, May 8, 2025. [Online]. Available: https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-npm-package-with-45-000-weekly-downloads
- “Supply Chain Node.js,” Google Cloud Blog, Mar. 15, 2025. [Online]. Available: https://cloud.google.com/blog/topics/threat-intelligence/supply-chain-node-js
