A sysadmin in San Francisco stared at his terminal this morning, watching his NPM publish history light up with unauthorized bumps on packages he hadn’t touched in months.
That’s the nightmare unfolding with the @fairwords scoped NPM packages—three of them, compromised by a slick self-propagating credential worm. It’s not your run-of-the-mill malware. This beast grabs your tokens, then uses them to poison other packages you own, and—get this—crosses over to PyPI. “fairwords npm packages compromised” hits different when it’s your repo.
Look, NPM’s ecosystem hums along with over 2 million packages, a $10 billion dev economy underneath. But trust one maintainer? You’re all in. Here’s the tally: @fairwords/websocket at 1.0.38 and 1.0.39; @fairwords/loopback-connector-es at 1.4.3 and 1.4.4; @fairwords/encryption at 0.0.5 and 0.0.6. Installed any? Your npm token’s probably en route to a Russian basement server right now.
What Does This Payload Actually Steal?
It starts sneaky. Postinstall script fires up, harvesting env vars for 40+ patterns—AWS secrets, GCP service accounts, Azure keys, GitHub PATs, OpenAI API keys, Stripe tokens. You name it, it’s slurped.
Then it digs deeper: SSH keys from ~/.ssh, .npmrc files, kubeconfig, Docker auth.json, Terraform creds, even .git-credentials. Crypto hunters? Solana keypairs, Ethereum keystores, MetaMask’s LevelDB, Phantom, Exodus, Atomic Wallet—all rifled through.
Linux Chrome users—brutal. It decrypts saved passwords using Chrome’s laughably hardcoded PBKDF2 inputs: the password “peanuts” and the salt “saltysalt”. Scans /proc/[pid]/environ for tokens in running processes too. Comprehensive? Nah, it’s a vacuum cleaner on steroids.
“Three @fairwords scoped npm packages were hit today by what appears to be the TeamPCP/CanisterWorm campaign. The interesting part isn’t just the credential theft, it’s what it does with your npm token afterward.”
That’s straight from the analysis on safedep.io. Spot on—the propagation is the killer app here.
Grabs your token. Logs into NPM as you. Scans your maintained packages. Publishes tainted updates. Boom—worm spreads laterally. And the PyPI hop? That’s the twist. Same creds often work across registries if you’re sloppy with rotation. Your Python libs just got drafted.
Is Your NPM Account Compromised Right Now?
Short answer: maybe. Run npm ls | grep fairwords in your projects. Nothing? Good—but also check the publish history of every package you maintain (npm view <pkg> time, or the package page at npmjs.com) for surprise publishes under your account.
Market fact: NPM saw 1.4 million downloads of these packages before takedown. That’s exposure for thousands. Revoke tokens immediately—npm token list, delete all, regenerate. Rotate AWS/GCP/Azure/GitHub/OpenAI/Stripe/everything. New SSH keys. Nuke Chrome passwords on Linux.
Here’s the thing. This isn’t isolated. NPM’s had ua-parser-js in 2020 (supply chain classic), eslint-scope in 2021. But this? Self-propagating via maintainer creds—echoes SolarWinds, but decentralized, open source style. My unique take: it’s evolution toward “credential supply chain attacks.” Hackers bet on dev laziness with shared tokens. Prediction? By Q2 2025, we’ll see worms chaining NPM -> PyPI -> Maven -> crates.io. Multi-reg attack surface exploding.
NPM’s response? Packages yanked, but no broader lockdown. Scoped packages (@org) amplify risk—steal one maintainer, own the namespace. Fairwords? Obscure org, low stars, perfect vector. Corporate hype would call it “isolated incident.” Bull. It’s systemic.
Why NPM Maintainers Are the Weakest Link
Data point: 70% of NPM packages have fewer than 10 weekly downloads, per Socket analysis. But transitive deps mean your build pulls them anyway. Maintainers often use prod-like tokens for CI—GitHub Actions, Vercel, Netlify. One slip, game over.
And propagation? Genius evil. Worm doesn’t just exfil—it acts. Your side project gets a “1.0.1” bump with malware. You push to prod? Chain reaction.
Compare to PyPI’s recent typosquatting waves. This bridges them. Attackers (TeamPCP, per IOCs) are pros—custom payloads, multi-platform (Linux focus, but crypto grabs Windows/Mac).
Fixes? NPM’s two-factor is opt-in, scoped token limits half-baked. Push for mandatory 2FA, like GitHub did post-2022. Or scoped read-only tokens default. But orgs drag feet—“dev freedom.”
Reality check. Open source security spend? Peanuts next to proprietary. Sonatype reports 80% of orgs hit by supply chain attacks last year. This worm? Canary in the coal mine.
So, developers—audit now. Orgs—fund OSS sec tools like Socket or WhiteSource. NPM team—wake up.
Frequently Asked Questions
What are the affected fairwords NPM packages?
@fairwords/websocket 1.0.38-1.0.39, @fairwords/loopback-connector-es 1.4.3-1.4.4, @fairwords/encryption 0.0.5-0.0.6.
How do I check if this worm infected my projects?
Run npm ls on the three @fairwords packages; check your npm publish history for versions you did not publish; scan for the IOCs from the safedep.io blog.
What should I do after using compromised NPM packages?
Rotate all tokens/keys/creds immediately, revoke SSH, audit owned packages for surprise bumps.