Security Researchers Discover 150,000 Malicious npm Packages in Token Farming Scheme
An anonymous reader shared a report from The Register detailing a significant supply chain attack on the npm registry, one of the largest package flooding incidents in the history of open-source registries. The attack, identified by Amazon Inspector security researchers using a new detection rule and AI assistance, involves over 150,000 malicious packages tied to a coordinated token farming scheme. Unlike traditional supply chain attacks that inject malware or credential-stealing code, this scheme abuses tea.xyz, a decentralized protocol that rewards open-source developers with TEA tokens, a utility asset within the tea ecosystem used for incentives, staking, and governance.
The malicious packages were generated and published to the npm registry automatically, earning cryptocurrency rewards for the attackers. Each package included a tea.yaml file linking it to attacker-controlled blockchain wallet addresses, so the attackers could siphon rewards from the tea.xyz protocol. According to CSO Online, TEA tokens currently hold no value, but the threat actors are believed to be positioning themselves to benefit when the Tea Protocol launches its Mainnet, at which point TEA tokens will have real monetary value and can be traded.
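The pattern the report describes, many near-empty packages whose tea.yaml files all name the same reward wallet, is something a registry operator or internal mirror can look for directly. The following triage script is an added example, not code from The Register, Amazon, Sonatype or the tea.xyz project. It assumes reward recipients appear in tea.yaml as Ethereum-style `0x` addresses and matches that shape rather than a specific YAML key; the package corpus, the `codeOwners` field name and the thresholds (three packages per wallet, 64 bytes of code) are constructed for illustration.

```python
"""Triage a set of npm packages for tea.xyz reward farming (added example).

Two defender heuristics, both derived from the incident as reported:
  1. one wallet address claimed by many distinct packages;
  2. a tea.yaml present in a package that ships almost no code.
"""
import re
from collections import defaultdict

# Ethereum-style address: 0x followed by 40 hex digits. Assumption: tea.yaml
# names recipients this way; matching the shape avoids depending on exact keys.
ADDRESS_RE = re.compile(r"\b0x[0-9a-fA-F]{40}\b")

# Files that carry metadata rather than shipped code.
METADATA_FILES = {"package.json", "tea.yaml", "README.md", "LICENSE"}

FARM_WALLET = "0x" + "A" * 40   # constructed, shared by the farm packages
REAL_WALLET = "0x" + "B" * 40   # constructed, used by one ordinary package

# Constructed sample corpus: package name -> {relative path: file content}.
SAMPLE_PACKAGES = {
    f"left-pad-utils-9f3{suffix}": {
        "package.json": f'{{"name":"left-pad-utils-9f3{suffix}","version":"1.0.0","main":"index.js"}}',
        "index.js": "module.exports = {};\n",
        "tea.yaml": f"version: 1.0.0\ncodeOwners:\n  - '{FARM_WALLET}'\nquorum: 1\n",
    }
    for suffix in "abc"
}
SAMPLE_PACKAGES["sha256-digest"] = {
    "package.json": '{"name":"sha256-digest","version":"2.1.0","main":"index.js"}',
    "index.js": (
        "const crypto = require('crypto');\n"
        "module.exports = function digest(buf) {\n"
        "  return crypto.createHash('sha256').update(buf).digest('hex');\n"
        "};\n"
    ),
    "tea.yaml": f"version: 1.0.0\ncodeOwners:\n  - '{REAL_WALLET}'\nquorum: 1\n",
}
SAMPLE_PACKAGES["plain-lib"] = {  # no tea.yaml at all
    "package.json": '{"name":"plain-lib","version":"0.3.0","main":"index.js"}',
    "index.js": "module.exports = (a, b) => a + b;\n",
}


def tea_wallets(files):
    """Wallet addresses declared in the package's tea.yaml (lowercased); empty if none."""
    content = files.get("tea.yaml")
    if content is None:
        return set()
    return {addr.lower() for addr in ADDRESS_RE.findall(content)}


def code_bytes(files):
    """Bytes of shipped source, ignoring metadata files."""
    return sum(len(body.encode()) for path, body in files.items() if path not in METADATA_FILES)


def cluster_by_wallet(packages):
    """Map each wallet to the set of package names that claim it."""
    clusters = defaultdict(set)
    for name, files in packages.items():
        for wallet in tea_wallets(files):
            clusters[wallet].add(name)
    return clusters


def triage(packages, shared_threshold=3, min_code_bytes=64):
    """Return {package: [reasons]} for packages matching either heuristic."""
    clusters = cluster_by_wallet(packages)
    findings = {}
    for name, files in packages.items():
        reasons = []
        wallets = tea_wallets(files)
        for wallet in sorted(wallets):
            if len(clusters[wallet]) >= shared_threshold:
                reasons.append(f"wallet {wallet[:10]}... claimed by {len(clusters[wallet])} packages")
        size = code_bytes(files)
        if wallets and size < min_code_bytes:
            reasons.append(f"tea.yaml present but only {size} bytes of code shipped")
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    for pkg, reasons in sorted(triage(SAMPLE_PACKAGES).items()):
        print(pkg)
        for reason in reasons:
            print("  -", reason)
```

Run against a real mirror, the same two functions would be fed the extracted tarball contents instead of the inline dictionary; the wallet clustering is the more reliable signal, since a legitimate maintainer rarely registers the same wallet across hundreds of unrelated packages, while the code-size check alone would also catch small but honest utilities.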
In an interview, Brian Fox, CTO of Sonatype, who previously reported on the campaign in April 2024, noted that the scale of the attack has grown to over 153,000 packages. He expressed concern that the worm remains uncontrolled, and warned that other threat actors could be inspired to exploit similar reward-based systems for financial gain or to deliver malware. Amazon researchers have emphasized that this incident represents a defining moment in supply chain security, highlighting the risks associated with decentralized reward systems.
The incident has prompted a coordinated response from the Open Source Security Foundation (OpenSSF), with Amazon researchers thanking the organization for its rapid collaboration. The attack has also raised concerns among npm administrators, who are working to remove over 100,000 malicious packages from the registry. As the tea.xyz protocol continues to evolve, the potential for exploitation remains a critical issue in the realm of open-source security.