Security researchers have uncovered a massive coordinated attack on the npm package registry, where over 150,000 suspicious packages were created as part of an automated token farming scheme. The malicious packages, linked to the tea.xyz protocol, are designed to generate and publish themselves to earn cryptocurrency rewards. Unlike traditional supply chain attacks that inject malware into legitimate software, this campaign exploits the incentive-driven structure of open-source development platforms.
According to Amazon Inspector security researchers, the attack was first detected in late October 2024 and rapidly scaled to over 150,000 packages by November 12. The packages were published from multiple developer accounts and tied to attacker-controlled blockchain wallet addresses through the tea.yaml files they carry. The tea.xyz protocol, which rewards developers with TEA tokens for open-source contributions, has thereby been turned into a target for abuse. While TEA tokens currently have no market value, experts expect the threat actors could profit significantly once the Tea Protocol's Mainnet launches and gives the tokens real monetary value.
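The wallet-linking mechanism described above also gives defenders a detection handle: a legitimate maintainer may own many packages, but a single wallet claimed by packages published from several unrelated accounts is the signature of a farming cluster. The following is an added illustration, not code from Amazon Inspector or the tea.xyz project; it assumes the tea.yaml layout with a `codeOwners` list of wallet addresses, and all package names, account names and addresses are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed sample wallets (placeholders, not real indicators).
W_SHARED = "0x" + "a1" * 20   # reused across packages from several accounts
W_SINGLE = "0x" + "b2" * 20   # appears in one package only
W_ONE_DEV = "0x" + "c3" * 20  # many packages, but all from the same account

def tea_yaml(*owners):
    """Build a tea.yaml document in the assumed flat layout (version / codeOwners / quorum)."""
    lines = ["version: 1.0.0", "codeOwners:"] + [f"  - '{o}'" for o in owners] + ["quorum: 1"]
    return "\n".join(lines)

# Constructed sample: (package name, publishing account, tea.yaml text or None if absent).
SAMPLE_PACKAGES = [
    ("pkg-alpha", "dev1", tea_yaml(W_SHARED)),
    ("pkg-beta", "dev2", tea_yaml(W_SHARED)),
    ("pkg-gamma", "dev3", tea_yaml(W_SHARED)),
    ("pkg-delta", "dev1", tea_yaml(W_SHARED, W_SINGLE)),
    ("pkg-one", "dev4", tea_yaml(W_ONE_DEV)),
    ("pkg-two", "dev4", tea_yaml(W_ONE_DEV)),
    ("pkg-three", "dev4", tea_yaml(W_ONE_DEV)),
    ("pkg-plain", "dev5", None),
]

def parse_code_owners(text):
    """Return wallet addresses listed under codeOwners (minimal parser, no YAML library needed)."""
    owners, in_list = [], False
    for line in text.splitlines():
        if re.match(r"^codeOwners\s*:", line):
            in_list = True
            continue
        item = re.match(r"^\s*-\s*['\"]?(0x[0-9a-fA-F]{40})['\"]?\s*$", line)
        if in_list and item:
            owners.append(item.group(1).lower())
        elif in_list and line.strip():
            in_list = False  # first non-list line ends the codeOwners block
    return owners

def flag_wallet_clusters(packages, min_packages=3, min_publishers=2):
    """Flag wallets claimed by many packages that were published from several distinct accounts."""
    by_wallet = defaultdict(lambda: {"packages": set(), "publishers": set()})
    for name, publisher, yaml_text in packages:
        if not yaml_text:
            continue  # no tea.yaml: not a reward claim, nothing to correlate
        for wallet in parse_code_owners(yaml_text):
            by_wallet[wallet]["packages"].add(name)
            by_wallet[wallet]["publishers"].add(publisher)
    return {w: info for w, info in by_wallet.items()
            if len(info["packages"]) >= min_packages and len(info["publishers"]) >= min_publishers}
```

Only the wallet shared across three accounts is flagged; the single-account wallet with three packages is left alone, which keeps a prolific legitimate maintainer out of the alert.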
Industry experts warn that this incident represents a defining moment in supply chain security. Brian Fox, CTO of Sonatype, noted that the attack is among the largest package flooding incidents in open source registry history, with the number of packages now exceeding 153,000. While the current threat primarily involves token theft, Fox acknowledges the potential for future exploitation. “I’m sure somebody out there is looking at this massively replicating worm and wondering if they can ride that, not just to get the Tea tokens but to put some actual malware in there,” he said.
The attack has raised serious concerns about the security of reward-based systems in open-source development. Security researchers at Amazon have deployed new detection rules paired with AI to flag suspicious packages. Despite these measures, the incident has already consumed significant time for npm administrators, who are working to remove over 100,000 packages. The incident highlights the need for better monitoring and safeguards across the open-source ecosystem, since similar schemes could target other reward systems for financial gain or be repurposed to deliver malware in the future.