New npm Malware Campaign Verifies if the Visitor is a Victim or a Researcher Before Triggering Infection

Cybersecurity News (original source: cybersecuritynews.com), by Blog Writer

A sophisticated malware campaign targeting the npm ecosystem has emerged, deploying a clever detection system that distinguishes between regular users and security researchers.

The threat actor, operating under the alias dino_reborn, created seven malicious npm packages designed to redirect users to crypto-themed scam sites while evading security detection.

This intricate operation represents a new frontier in supply chain attacks, combining traffic cloaking technology with browser-based evasion techniques to deliver precision-targeted malicious content.

The campaign leverages a set of contaminated packages including signals-embed, dsidospsodlks, applicationooks21, application-phskck, integrator-filescrypt2025, integrator-2829, and integrator-2830.

Six of these packages contain 39 kilobytes of malware code, while the seventh constructs a malicious webpage. When users visit the website deployed by these packages, the malware automatically analyzes their behavior and system characteristics to decide whether the visitor is a likely victim or a researcher.

The threat actor then serves dramatically different experiences based on this classification—victims encounter a convincing fake CAPTCHA leading to malicious destinations, while researchers see only blank pages hiding the true nature of the attack.

Malicious packages on npm (Source – Socket.dev)

Socket.dev security analysts identified and documented this complex campaign after discovering the interconnected infrastructure linking all packages to a single threat actor.

The research team traced the creation email to geneboo@proton[.]me and uncovered how the attacker was using Adspect, a legitimate cloaking service designed to distinguish between bots and real visitors.

By weaponizing this technology within npm packages, the attacker found a way to distribute self-contained malicious code that automatically gates access to harmful payloads based on sophisticated fingerprinting.

The campaign’s success stems from its multi-layered approach to evading both automated security scanners and human analysis. Upon deployment, the malware wraps its code in an Immediately Invoked Function Expression (IIFE), ensuring it executes automatically without requiring explicit function calls.

The code aggressively blocks researcher access by disabling browser developer tools, preventing right-click context menus, blocking keyboard shortcuts like F12, Ctrl+U, and Ctrl+Shift+I, and continuously reloading the page if DevTools are detected.

Technical Analysis of the Detection Evasion Mechanism

The malware’s ability to distinguish victims from researchers relies on a sophisticated fingerprinting system that collects thirteen distinct data points about each visitor.

When a user accesses the compromised website, the JavaScript payload gathers information, including the browser user agent, host information, referrer URL, request method, server hostname, protocol encryption status, request timestamp, language preferences, and accepted encoding formats.

This comprehensive data collection creates a detailed profile that gets transmitted to the Adspect API through a proxy endpoint, such as association-google.xyz/adspect-proxy.php, effectively reproducing inside the browser the request-level data that a server-side cloaking check would normally see.

The decision-making logic represents the campaign’s core innovation. When Adspect receives the fingerprint data, it analyzes the traffic characteristics and returns a response indicating whether the visitor appears legitimate or suspicious.

If the API determines the traffic originates from a researcher, it returns an “ok: false” status, triggering the display of a blank white page containing only generic text about Offlido, a fake offline storage company.

This benign page provides perfect cover, appearing completely legitimate to any analyst who might inspect it. Conversely, if Adspect determines the visitor is a potential victim, it returns “ok: true” along with a malicious redirect URL and triggers display of a fake CAPTCHA interface.

The CAPTCHA mimics real verification systems from legitimate crypto exchanges like Uniswap and Jupiter, borrowing their branding to build false credibility.

When victims click the verification checkbox, a three-second loading animation plays before showing success, followed by automatic redirection to the malicious URL in a new browser tab.

This psychological manipulation, combined with the familiar CAPTCHA interface, increases the likelihood that victims will trust and engage with the redirect without suspicion.

The attacker’s infrastructure flexibility represents another significant advantage. Because Adspect returns new redirect URLs on each request, the threat actor can rotate final destinations server-side without ever republishing any npm package, making traditional takedown efforts reactive rather than preventative.

This allows the campaign to remain operational even after initial detection and package removal from npm’s registry.
