Security Researchers Uncover 150,000 Malicious npm Packages in Token Farming Scheme

Security researchers have discovered a new type of supply chain attack on the npm registry, in which attackers have created over 150,000 malicious packages to exploit, through a token farming scheme, a protocol meant to reward open-source developers. This incident, described by Amazon as one of the largest package flooding events in open source registry history, represents a significant shift from traditional malware attacks. Instead of injecting malicious code to steal credentials or deploy ransomware, the attackers have leveraged the tea.xyz protocol to generate and publish functionless packages that automatically earn cryptocurrency rewards. The scheme, which appears to be coordinated across multiple developer accounts, includes code that links these packages to attacker-controlled blockchain wallet addresses, enabling the theft of TEA tokens. While TEA tokens currently have no value, the attackers are positioning themselves to benefit when the Tea Protocol’s Mainnet launches, at which point TEA tokens may acquire monetary value and become tradable assets.
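The two signals the article describes, packages with no functional code that credit a wallet address, can be turned into a triage heuristic for a registry mirror or an internal package cache. The following is an added example written for this page, not code from Amazon, Sonatype or the tea project; it assumes the tea protocol's convention of a `tea.yaml` file listing EVM-style addresses under `codeOwners` (the article names neither the file nor the format), takes each package as an in-memory map of file path to text (filled from unpacked tarballs by the caller), and groups code-less packages by the wallet they credit, counting dependency edges between cluster members as the self-propagating signature. The fixture at the bottom is constructed sample data.

```python
import json
import re
from collections import defaultdict
# Both the tea.yaml filename and the EVM-style address format are assumptions about
# the tea protocol's convention; the article names neither.
ADDR_RE = re.compile(r"0x[0-9a-fA-F]{40}")
CODE_EXT = (".js", ".mjs", ".cjs", ".ts", ".sh", ".py", ".go", ".rs")

def scan_package(files):
    """Signals for one package given as {relative path: text}."""
    meta = json.loads(files.get("package.json", "{}"))
    wallets = {a.lower() for a in ADDR_RE.findall(files.get("tea.yaml", ""))}
    has_code = any(path.endswith(CODE_EXT) for path in files)
    return {"name": meta.get("name", "?"), "wallets": wallets,
            "has_code": has_code, "deps": set(meta.get("dependencies", {}))}

def find_farming_clusters(packages, min_size=2):
    """Group code-less packages by credited wallet; report wallets credited by at
    least min_size of them and how many dependency edges point at cluster siblings."""
    by_wallet = defaultdict(list)
    for files in packages.values():
        p = scan_package(files)
        if not p["has_code"]:
            for w in p["wallets"]:
                by_wallet[w].append(p)
    clusters = {}
    for w, members in by_wallet.items():
        if len(members) >= min_size:
            names = {m["name"] for m in members}
            clusters[w] = {"packages": sorted(names),
                           "internal_dep_edges": sum(len(m["deps"] & names) for m in members)}
    return clusters

# Constructed fixture (not real campaign data): three code-less packages crediting the
# same wallet, two of them depending on a sibling, plus one legitimate package.
SAMPLE_WALLET = "0x" + "ab" * 20
def _pkg(name, deps=None, wallet=None, code=None):
    files = {"package.json": json.dumps({"name": name, "dependencies": deps or {}})}
    if wallet:
        files["tea.yaml"] = f"codeOwners:\n  - '{wallet}'\nquorum: 1\n"
    if code:
        files["index.js"] = code
    return files
SAMPLE = {
    "farm-a": _pkg("farm-a", wallet=SAMPLE_WALLET),
    "farm-b": _pkg("farm-b", {"farm-a": "1.0.0"}, SAMPLE_WALLET),
    "farm-c": _pkg("farm-c", {"farm-a": "1.0.0"}, SAMPLE_WALLET),
    "real-lib": _pkg("real-lib", code="module.exports = () => 42;\n"),
}
```

On the fixture, `find_farming_clusters(SAMPLE)` reports one cluster of three packages with two internal dependency edges, while `real-lib` is never grouped because it ships actual code.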

Amazon Inspector researchers first identified the suspicious packages in late October, and by November 7, they had flagged thousands of packages. By November 12, the team had uncovered more than 150,000 malicious packages, which they linked to the tea.xyz token farming campaign. This coordinated effort has raised concerns about the potential for similar schemes to exploit reward-based systems for financial gain. The attack’s self-replicating nature has allowed it to proliferate rapidly, with the number of packages growing from 15,000 to 153,000 within a short period. Sonatype, a software supply chain management provider, noted the increase, and its CTO Brian Fox warned that the worm is not yet under control, emphasizing the threat it poses to open-source ecosystems and the broader cybersecurity landscape. Fox also cautioned that other threat actors may take inspiration from this campaign, potentially using the same methodology to inject more dangerous payloads into the system.

Researchers from Amazon and Sonatype have collaborated to address the issue, using AI-assisted detection tools to flag and analyze the malicious packages. While the current campaign primarily targets TEA tokens, the attack’s scale and method have implications for the future of supply chain security. Experts have pointed out that this incident represents a defining moment in the evolution of open-source security threats, highlighting the need for enhanced monitoring and response protocols. The tea.xyz protocol, which is designed to reward open-source developers with TEA tokens, is now under scrutiny, and npm administrators are working to remove more than 100,000 of the packages from the registry. Despite these efforts, the threat remains active, and it could inspire similar attacks on other reward-based systems with more severe financial or security consequences.