AI-Generated npm Package Stole Cryptocurrency and Was Downloaded 1,500 Times

📟 News

Date: 06/08/2025

Researchers at the company Safety discovered a malicious, AI-generated package in npm that concealed malware designed to steal cryptocurrency wallet data.

A package named @kodane/patch-manager allegedly offered “advanced license verification tools and registry optimization for high-performance Node.js applications.” It was uploaded to npm by a user with the nickname Kodane on July 28, 2025. Currently, the package has been removed from the registry, but before its removal, it was downloaded more than 1,500 times.

Researchers note that the malicious functions of the package were listed directly in its source code: the component for stealing cryptocurrency was called an “enhanced stealth wallet drainer.”

The attack was carried out through a postinstall script that ran automatically when the package was installed. The script stored the payload in hidden directories on Windows, Linux, and macOS, then generated an ID for the infected machine and connected to a command-and-control server at sweeper-monitor-production.up.railway[.]app. At the time of analysis, this server showed only two infected devices.

After infection, the malware scans the system for cryptocurrency wallet files and, if it finds any, transfers all the funds to a hard-coded address on the Solana blockchain. Researchers believe that most of the transactions associated with this address came from the compromised wallets of users who installed the malicious package.

While malware designed to steal cryptocurrency has been discovered in open source repositories multiple times before, @kodane/patch-manager stands out because, according to researchers, it was generated using the Claude chatbot from Anthropic. Researchers list the following evidence for this claim:

  • use of emojis;
  • numerous console log messages typical of JavaScript;
  • well-written descriptive comments in the code;
  • a README.md file written in a style characteristic of Claude;
  • a tendency to refer to code changes with the word “Enhanced.”

According to experts, this incident demonstrates that attackers are using AI to create increasingly sophisticated and dangerous malware.
