Seven Malicious npm Packages Exploit Blockchain to Deliver Remote Access Trojan

A sophisticated supply chain attack targets Vite developers using blockchain-based command-and-control infrastructure that's nearly impossible to shut down

Seven Malicious npm Packages Exploit Blockchain to Deliver Remote Access Trojan

A New Wave of npm Supply Chain Attacks Targets Frontend Developers

A cluster of seven malicious npm packages has been discovered targeting developers who use Vite, one of the most popular JavaScript frontend build tools in modern web development. The campaign, dubbed ViteVenom by cybersecurity firm Checkmarx, represents a significant escalation in software supply chain attacks — not just because of who it targets, but because of how it operates. The attackers are leveraging a multi-tier blockchain-based command-and-control (C2) infrastructure, making the malicious network extraordinarily difficult for law enforcement or platform administrators to dismantle. This malicious npm packages supply chain attack is a stark reminder of how sophisticated threat actors have become in exploiting developer ecosystems.

The discovery, detailed in research published by Checkmarx analyst Pavan Gudimalla, links ViteVenom to an earlier campaign called ChainVeil, which first used this unprecedented four-tier blockchain C2 approach. Both campaigns are attributed to a threat actor identified as SuccessKey, with evidence of malicious activity traced back to February 27, 2026, when cryptocurrency wallets connected to ViteVenom were first activated. The seven packages were published to the npm registry between June 29 and July 3, 2026, and had collectively accumulated over 2,400 downloads before being flagged.

Cybersecurity threat targeting open source developers
Supply chain attacks on open source ecosystems are becoming increasingly sophisticated, targeting developers directly through trusted package registries.

What Makes ViteVenom Different From Typical Package Malware?

Most npm-based malware operates on a simple premise: install a package, trigger malicious code at install time, and steal data. ViteVenom breaks from this pattern in a way that makes it significantly more evasive. The malicious code embedded in these packages does not execute at install time — it activates at import time, meaning it only runs when a developer actually imports and uses the library in their code. This subtle but crucial distinction dramatically reduces the chances that endpoint security tools will flag the package during a routine audit or automated scan.

Once triggered, the malicious loader initiates a multi-step retrieval process using public blockchain networks — specifically Tron, Aptos, and Binance Smart Chain (BSC) — to obtain its malicious payload. Rather than hard-coding a traditional command-and-control server address (which can be seized, blocked, or taken offline), the attacker stores payload pointers as transaction data on public blockchains. These blockchains are decentralized, globally distributed, and practically impossible for any single authority to shut down. As Checkmarx researcher Pavan Gudimalla noted in his analysis, "The attacker stores payload pointers as transaction data on public blockchains rather than on domain names that can be seized, making the infrastructure nearly impossible to take down."

The retrieval chain works as follows: the malware queries the Tron blockchain for the latest transaction from the attacker's wallet, decodes and reverses the transaction data field to obtain a Binance Smart Chain transaction hash, queries the BSC transaction to extract an encrypted payload, and then decrypts it using a hard-coded key. If the Tron-based retrieval fails, the malware automatically switches to Aptos as a backup channel. A further fallback mechanism also allows the RAT to be fetched directly from a C2 server over HTTP, bypassing the blockchain entirely.

"This tactic makes disabling or destroying the C2 infrastructure extremely difficult — it represents a new frontier in attacker resilience that the security community must urgently address."

— Pavan Gudimalla, Cybersecurity Researcher, Checkmarx

The Seven Packages: Scope, Downloads, and Deception Tactics

The seven identified packages were carefully crafted to impersonate the legitimate @vitejs/* namespace — the official scoped namespace used by the Vite project — lending them a veneer of authenticity that could easily fool developers browsing the npm registry or copying package names from online tutorials and forums. This contrasts with ChainVeil's earlier approach of using unscoped typosquats (such as packages mimicking "rate-limit-flexible"), suggesting the SuccessKey operator is refining their social engineering strategy over time.

Package Name Downloads Published
@uw010010/vite-tree1,070Late June–Early July 2026
@vite-tab/tab289Late June–Early July 2026
@vite-ln/build-ts252Late June–Early July 2026
@vite-mcp/vite-type239Late June–Early July 2026
@vite-pro/vite-ui200Late June–Early July 2026
@vitets/vite-ts194Late June–Early July 2026
@vite-ts/vite-ui176Late June–Early July 2026

The package with the highest download count — @uw010010/vite-tree — accounted for nearly half of all total downloads across the cluster. The fact that this package uses a distinctly non-official-looking scope (@uw010010) yet still accumulated over a thousand downloads illustrates just how casually developers can install packages without verifying their origin or legitimacy. According to research from Sonatype's annual State of the Software Supply Chain report, the number of malicious packages uploaded to open source registries has grown sharply year over year, reflecting a broader trend of attackers increasingly targeting developer toolchains as an entry point into corporate and enterprise environments.

Remote Access Trojans in the npm Ecosystem: Full Capabilities Exposed

Once the blockchain-based loading chain completes its retrieval, the final-stage payload is a fully featured Remote Access Trojan (RAT). The capabilities this malware grants to a remote attacker are extensive and serious: a reverse shell (allowing the attacker to execute arbitrary commands on the victim's machine), credential harvesting, file exfiltration, and persistent backdoor injection. Persistent backdoor injection, in particular, is especially alarming — it means that even if a developer removes the malicious package, the attacker may retain ongoing access to the compromised system through modifications made to shell configuration files such as .bashrc, .zshrc, and .profile.

For software developers and small business owners running development environments, the implications go far beyond a compromised personal machine. If the affected developer has access to cloud infrastructure, CI/CD pipelines, customer data repositories, or internal APIs — all common scenarios in modern development work — a successful RAT deployment could cascade into a full organizational breach. This is particularly concerning for companies subject to GDPR or other data protection regulations, where a breach of personal data must be reported to supervisory authorities within 72 hours. The harvesting of credentials or source code through a malicious npm package could trigger compliance obligations that companies are often unprepared to meet swiftly.

2,420+Total downloads across 7 malicious packages
4-TierBlockchain C2 infrastructure layers (Tron, Aptos, BSC + HTTP fallback)
72 hrsGDPR breach notification window for affected organizations
Feb 2026Earliest detected malicious activity linked to SuccessKey

Why Blockchain-Based C2 Is a Game-Changer for Cybersecurity Defenders

Traditional malware relies on domain names or IP addresses as C2 infrastructure. Security teams, internet service providers, and registrars can flag, block, or seize these assets — often disrupting entire malware campaigns. The blockchain model upends this defensive playbook. Transactions recorded on public blockchains like Tron, Aptos, and Binance Smart Chain are immutable and globally replicated. No single company, government, or law enforcement body controls these networks, and records cannot simply be deleted or redirected. This makes the approach — which Checkmarx describes as "unprecedented" in its four-tier complexity — a serious challenge for incident responders and threat intelligence teams alike.

The connection between the ViteVenom and ChainVeil clusters is established through shared tier-2 infrastructure: specifically, the same Tron wallet addresses and Aptos account addresses point to the same BSC transaction that delivers the malware. This shared infrastructure, despite surface-level differences in package names, maintainer accounts, and malicious file paths, suggests a single operator deliberately compartmentalizing multiple distribution tracks to limit exposure. As Checkmarx noted, "The surface-level differences — different package names, different maintainer accounts, different Tier-1 wallets, different malicious file paths — are consistent with how a single operator would compartmentalize multiple distribution tracks to limit exposure." This operational security discipline points to a threat actor with considerable experience in running covert campaigns.

The broader implications for open source security are significant. Research from the OpenSSF (Open Source Security Foundation) and industry groups like CISA has repeatedly highlighted the vulnerabilities inherent in public package registries. The npm ecosystem alone hosts over two million packages, and while both npm and major cloud providers have invested in automated malware detection tools, the volume and velocity of new package uploads makes comprehensive screening an ongoing challenge. The use of blockchain-based payload delivery adds another layer that existing scanning tools are not yet well-equipped to detect.

Developer working at a computer facing cybersecurity threats
Frontend developers using popular build tools like Vite are increasingly targeted by sophisticated supply chain attacks designed to bypass standard security tooling.

How Developers and IT Teams Should Respond Right Now

If you or your organization has installed any of the seven identified packages, the response must be immediate and thorough. Checkmarx recommends the following steps:

    Originally reported by RSS App New Cybersecurity Feed. Summarised and curated by European Purpose.