The NPM Package
Cybersecurity researchers recently flagged a malicious npm package that artificial intelligence (AI) generated and concealed a cryptocurrency wallet drainer.
The package, @kodane/patch-manager, claims to offer “advanced license validation and registry optimization utilities for high-performance Node.js applications.” A user named “Kodane” uploaded it to npm on July 28, 2025. Although the package is no longer available for download from the registry, it attracted over 1,500 downloads before its removal.
Software supply chain security company Safety discovered the library and stated that the malicious features appear directly in the source code, calling it an “enhanced stealth wallet drainer.”
Specifically, the behavior triggers as part of a postinstall script that drops its payload within hidden directories across Windows, Linux, and macOS systems. It then connects to a command-and-control (C2) server at “sweeper-monitor-production.up.railway[.]app.”
“The script generates a unique machine ID code for the compromised host and shares that with the C2 server,” Paul McCarty, head of research at Safety, explained. He noted that the C2 server lists two compromised machines.
In the npm ecosystem, postinstall scripts often serve as overlooked attack vectors—they run automatically after a package installs, meaning users can face compromise without ever executing the package manually. This situation creates a dangerous blind spot, especially in CI/CD environments where dependencies update routinely without direct human review.
Malware made by an AI
The malware scans the system for the presence of a wallet file, and if it finds one, it drains all funds from the wallet to a hard-coded wallet address on the Solana blockchain.
While this incident is not the first time cryptocurrency drainers have appeared in open-source repositories, @kodane/patch-manager stands out due to clues suggesting the use of Anthropic’s Claude AI chatbot to generate it.
These clues include the presence of emojis, extensive JavaScript console logging messages, well-written and descriptive comments, and a README.md markdown file written in a style consistent with Claude-generated markdown files. Additionally, Claude’s pattern of calling code changes “Enhanced” further supports this theory.
The discovery of the npm package highlights “how threat actors are leveraging AI to create more convincing and dangerous malware,” McCarty stated.
Moreover, the incident underscores growing concerns in software supply chain security, where AI-generated packages may bypass conventional defenses by appearing clean or even helpful.
This situation raises the stakes for package maintainers and security teams, who now need to monitor not just known malware but also increasingly polished, AI-assisted threats that exploit trusted ecosystems like npm.
Source: TheHackerNews
Read more at Impreza News