Skip to content
techpotions
npm · supply chain attack · Lazarus · North KoreaJuly 4, 20263 min read

Dev Secrets Stolen by a Fake Rollup Polyfill

JFrog researchers uncovered six npm packages impersonating Rollup polyfill tools, linked to North Korea's Lazarus Group, stealing credentials and enabling remote access. Here's how the attack works and how to protect your supply chain.

Cover illustration for “Dev Secrets Stolen by a Fake Rollup Polyfill”

The Attack

North Korea npm packages have been caught mimicking legitimate Rollup polyfill tools to steal developer secrets. Security researchers at JFrog identified a set of six malicious packages in a campaign attributed to the Lazarus Group, a North Korean advanced persistent threat (APT) actor. The attack begins innocently enough: developers looking for "rollup-polyfill" tools might install rollup-packages-polyfill-core or rollup-runtime-polyfill-core. These packages don't just resolve build dependencies—they drop a Base64-encoded npm install command that silently fetches a second stage. The Hacker News reported that this post-install hook installs one of two secondary payloads: swift-parse-stream or quirky-token.

Those second-stage packages don't touch your codebase. They collect environment variables, SSH keys, cloud credentials, and browser data, then exfiltrate the haul to attacker-controlled servers. The Next Web confirmed that the malicious modules even set up remote access backdoors, giving attackers a foothold on developer machines. If you've ever run an npm install inside a monorepo that pulled rollup-packages-polyfill-core, your secrets may already be in Pyongyang.

Why This Attack Is Different

Unlike earlier npm malware that poisoned a single package, this Lazarus campaign uses a two-stage dropper that evades static analysis. The initial package looks harmless—it declares standard Rollup dependencies and includes legitimate-looking JavaScript. The post-install script is Base64-encoded, hiding the download of the real malware. JFrog's analysis notes that the attackers carefully chose package names that match search terms developers type when debugging Rollup build issues, making the malicious packages appear in search results alongside real tools.

The expansion beyond npm is alarming. Vulert reports that North Korean hackers have published over 1,700 malicious packages across npm, PyPI, Go, and Rust ecosystems, employing social engineering to trick developers into installing trojanized libraries. The group impersonates trusted contacts and organizations, sending phishing lures that include a link to the malicious package. Once installed, the malware runs silently without any UI change, making detection nearly impossible without behavioral monitoring.

The Malicious Package Names

If your project or global cache contains any of these, remove them immediately:

  • rollup-packages-polyfill-core
  • rollup-runtime-polyfill-core
  • swift-parse-stream
  • quirky-token (There are likely additional variants—the JFrog team mentioned six packages total, but the full list wasn't disclosed at publication time.)

Check your node_modules, lockfiles, and CI cache. The first-stage packages are no longer on npm (they were removed within hours), but if you installed them before takedown, the payloads persist.

Defending Your Supply Chain

This attack exploits trust in tooling names and the reflex to npm install when a build breaks. Protect your CI pipelines:

  • Pin exact versions in lockfiles and audit them regularly.
  • Use a private registry proxy that blocks brand-new packages from unknown publishers.
  • Run npm audit and tools like Socket or Snyk that detect behavioral anomalies, not just known CVEs.

At techpotions we harden dependency trees and CI configurations so that droppers like these never reach production. We've also published a guide on supply chain hardening for JavaScript developers. If you can't audit every transitive dependency, reduce your attack surface by trimming unused packages and replacing opaque polyfills with smaller, well-known alternatives.

FAQ

How can I tell if I installed a malicious Rollup polyfill package?

Search your lockfiles for rollup-packages-polyfill-core, rollup-runtime-polyfill-core, swift-parse-stream, or quirky-token. If any appear, assume your environment is compromised—rotate all secrets and rebuild from a clean OS.

What should I do if my project uses a legitimate Rollup polyfill?

The malicious packages only use similar names, not the official @rollup/plugin-* namespace. You can continue using genuine Rollup plugins safely if you install them from the official npm scope and verify publisher trust.

How do these attacks bypass standard npm security checks?

The initial package contains a Base64-encoded string that decodes to an npm install command, executed in a post-install lifecycle script. Because the payload is fetched and run after install, the package's source code appears benign to static scans.

Written by
techpotions
All entries
Agentic AI Ransomware Exploits Langflow RCE

Got a build in mind? Tell us about it.