PolinRider Campaign: North Korean Actors Unleash 108 Malicious Packages and Extensions


Key Takeaways

  • The Contagious Interview campaign, attributed to North Korean threat actors, uses fake job interviews to lure developers into installing malicious npm, Packagist, Go, and Chrome extensions.
  • As of April 2026, the PolinRider operation has published 108 unique malicious packages (162 release artifacts) spanning multiple ecosystems.
  • Attackers compromise public GitHub repositories by injecting obfuscated JavaScript loaders, then abuse VS Code task files to auto‑execute code when a folder is opened.
  • The malware searches for common configuration files, appends malicious code, rewrites Git history to hide changes, and fetches a second‑stage payload from blockchain services (TRON, Aptos, BNB Smart Chain).
  • Defensive actions include rotating secrets from a clean host, removing infected versions, rebuilding from known‑good lockfiles, and auditing repositories for suspicious commits, altered .vscode/tasks.json, and modified config files.

Overview of Contagious Interview and PolinRider
The Contagious Interview campaign is a North Korea‑aligned operation that masquerades as legitimate job recruitment efforts targeting software developers and cryptocurrency professionals. By presenting convincing interview processes and technical assessments, attackers coax victims into executing malicious code. PolinRider is the ongoing sub‑campaign within this broader effort, identified by security researchers as the vehicle used to distribute tainted software packages and browser extensions across multiple language ecosystems. Its persistence highlights a strategic shift from credential theft to supply‑chain poisoning, exploiting the trust developers place in public registries and open‑source collaboration platforms.

Scale of Malicious Artifacts
According to Socket security researcher Karlo Zanki, PolinRider has produced 162 malicious release artifacts that correspond to 108 unique packages and extensions. These are distributed across four major repositories: 19 npm libraries, 10 Composer (Packagist) packages, 61 Go modules, and a single Google Chrome extension. The breadth of ecosystems targeted demonstrates the attackers’ capability to infiltrate diverse development pipelines, increasing the likelihood that a compromised component will reach a wide range of projects, from web applications to backend services and desktop tools.

Recruitment Lure Tactics
Threat actors initiate contact on professional networking sites such as LinkedIn, GitHub, and freelance marketplaces, often posing as recruiters or collaborators from seemingly legitimate companies. They invest in elaborate front‑company facades, complete with AI‑generated employee profiles and polished websites, to establish credibility. Once rapport is built, they deliver a seemingly innocuous coding challenge or take‑home assignment that, when executed, triggers the download of the malicious payload. This social engineering approach bypasses traditional technical defenses by exploiting human trust and the desire for career advancement.

PolinRider Discovery and GitHub Repository Compromise
The OpenSourceMalware team first flagged PolinRider in March 2026, noting the injection of obfuscated JavaScript loaders into hundreds of public GitHub repositories belonging to numerous distinct owners. By April 11, 2026, the campaign had compromised 1,951 repositories associated with 1,047 unique users. The attackers achieve this not by stealing credentials but by exploiting existing maintainer access—potentially through expired domain takeovers or account recovery procedures—to push malicious code directly into trusted projects.

Integration with TaskJacker and VS Code Task Abuse
PolinRider has merged with a related cluster dubbed TaskJacker, which focuses on inserting malicious Visual Studio Code task files into victims’ repositories. These tasks are configured with the "runOn": "folderOpen" option, causing the embedded JavaScript to execute automatically whenever a developer opens the folder as a workspace in VS Code, Cursor, or similar IDEs. This technique ensures persistence and stealth, as the malicious code runs under the guise of legitimate development workflows without requiring explicit user interaction beyond opening a project.
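The auto-run setting described above is what an audit should look for first. The following script, added here as an example and not taken from the article or from the Socket/OpenSourceMalware research, parses a .vscode/tasks.json and reports every task whose runOptions.runOn is "folderOpen", noting whether it hides its terminal output and whether it hands control to an interpreter. VS Code accepts comments and trailing commas in this file, so the parser strips them before loading the JSON; the list of "suspicious runners" and the sample tasks.json are constructed assumptions, not indicators from the campaign.

```python
"""Audit a VS Code tasks.json for tasks that auto-run when a folder is opened.

Added example for this article; not code from the original post or from
Socket/OpenSourceMalware. tasks.json is JSON with comments (JSONC), so comments
and trailing commas are stripped before parsing. The sample file below is
constructed for illustration and is not a real indicator of compromise.
"""
import json
import re

# Interpreters an auto-run task would typically hand a loader to (assumption, tune to taste).
SUSPICIOUS_RUNNERS = ("node", "sh", "bash", "cmd", "powershell", "pwsh", "curl", "wget", "python")


def strip_jsonc(text: str) -> str:
    """Remove // and /* */ comments outside string literals, then trailing commas."""
    out, i, n, in_str = [], 0, len(text), False
    while i < n:
        c = text[i]
        if in_str:
            out.append(c)
            if c == "\\" and i + 1 < n:      # keep the escaped char, e.g. \" inside a string
                out.append(text[i + 1])
                i += 2
                continue
            if c == '"':
                in_str = False
            i += 1
        elif c == '"':
            in_str = True
            out.append(c)
            i += 1
        elif text.startswith("//", i):
            j = text.find("\n", i)
            i = n if j == -1 else j
        elif text.startswith("/*", i):
            j = text.find("*/", i + 2)
            i = n if j == -1 else j + 2
        else:
            out.append(c)
            i += 1
    # Trailing commas are legal in JSONC but not JSON (regex is naive about ",}" inside strings).
    return re.sub(r",\s*([}\]])", r"\1", "".join(out))


def audit_tasks(text: str) -> list[dict]:
    """Return one finding per task whose runOptions.runOn is "folderOpen"."""
    findings = []
    for task in json.loads(strip_jsonc(text)).get("tasks", []):
        if (task.get("runOptions") or {}).get("runOn") != "folderOpen":
            continue
        parts = [str(task.get("command", ""))] + [str(a) for a in task.get("args", [])]
        exe = re.split(r"[\\/]", parts[0])[-1].lower()   # executable basename
        findings.append({
            "label": task.get("label", "<unlabeled>"),
            "type": task.get("type"),
            "command": " ".join(parts).strip(),
            # A task that also hides its terminal output deserves a closer look.
            "hidden": (task.get("presentation") or {}).get("reveal") == "silent"
                      or task.get("hide") is True,
            "suspicious_runner": any(exe.startswith(r) for r in SUSPICIOUS_RUNNERS),
        })
    return findings


# Constructed sample resembling an injected auto-run task (not a real IoC).
SAMPLE_TASKS_JSON = r'''{
  // Constructed sample; VS Code accepts comments and trailing commas here.
  "version": "2.0.0",
  "tasks": [
    {
      "label": "build",
      "type": "npm",
      "script": "build",
      "problemMatcher": [],
    },
    {
      "label": "prepare workspace",
      "type": "shell",
      "command": "node",
      "args": ["./.vscode/setup.js"],
      "runOptions": { "runOn": "folderOpen" },
      "presentation": { "reveal": "silent" },
    }
  ]
}'''

if __name__ == "__main__":
    for finding in audit_tasks(SAMPLE_TASKS_JSON):
        print(finding)
```

Run it against every .vscode/tasks.json in a checkout (and in any extracted package tarball) and review each finding by hand; a legitimate folderOpen task is rare enough that every hit is worth a look.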

Malware Execution Mechanisms
Once activated, the JavaScript loader scans the infected workstation for specific configuration files frequently used in modern web development—such as postcss.config.mjs, tailwind.config.js, eslint.config.mjs, next.config.mjs, babel.config.js, and app.js. When located, the malware appends its own obfuscated code to these files, ensuring execution during subsequent builds or development server start‑ups. To conceal its tracks, the threat actors employ a Windows batch script that rewrites the most recent Git commit, making the malicious changes appear as if they originated from the legitimate author. Similar history‑altering tactics are suspected for Linux and macOS environments.

Obfuscation and Git History Manipulation
The core tradecraft involves hiding JavaScript loaders within whitespace padding or disguising them as fake .woff2 font files, thereby evading casual inspection. Additionally, attackers use force pushes and anti‑dated commits to make malicious alterations look older and less suspicious in the repository’s visible history. As a result, standard indicators such as the GitHub landing page or commit log become unreliable; defenders must consult repository activity logs, package release metadata, VS Code task configurations, and scrutinize unexpected changes to critical configuration files to uncover the compromise.
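Both hiding places named above, code appended to build configuration files behind whitespace padding and JavaScript stored under a .woff2 name, can be checked mechanically. The script below is an added example, not code from the article or from the researchers it cites: it classifies a supposed font by its leading bytes (genuine WOFF and WOFF2 files begin with the ASCII signatures wOFF and wOF2), flags config-file lines that carry a long whitespace run followed by more code or that contain constructs a build config rarely needs, and, given a known-good copy of a file, isolates whatever was appended to it. The token list, thresholds and sample files are constructed assumptions; hits are items for manual review rather than proof of compromise.

```python
"""Heuristic checks for loaders appended to config files and scripts posing as fonts.

Added example for this article, not code from the original post or from the
researchers it cites. Thresholds and token lists are assumptions; treat hits as
items for manual review, not as proof of compromise. Sample inputs are constructed.
"""
import re
import string
from typing import Optional

WOFF_SIGNATURES = {b"wOFF": "woff", b"wOF2": "woff2"}   # real WOFF/WOFF2 files start with these
PRINTABLE = set(string.printable.encode())
# Constructs a build config rarely needs; their presence in an appended tail is a signal (assumption).
SUSPICIOUS_TOKENS = ("eval(", "new Function(", "child_process", "atob(",
                     "Buffer.from(", "String.fromCharCode", "fetch(")
WS_RUN = re.compile(r"[ \t]{200,}\S")              # long whitespace run followed by more code
HEX_RUN = re.compile(r"(\\x[0-9a-fA-F]{2}){8,}")   # dense hex-escaped string literal
MAX_LINE_LEN = 400


def classify_font_bytes(data: bytes) -> str:
    """Return 'woff', 'woff2', 'script-like' (text containing JS tokens) or 'unknown'."""
    if data[:4] in WOFF_SIGNATURES:
        return WOFF_SIGNATURES[data[:4]]
    sample = data[:4096]
    if not sample:
        return "unknown"
    printable_ratio = sum(b in PRINTABLE for b in sample) / len(sample)
    text = sample.decode("latin-1")
    if printable_ratio > 0.95 and any(t in text for t in SUSPICIOUS_TOKENS):
        return "script-like"
    return "unknown"


def scan_config_text(text: str) -> list:
    """Flag lines of a config file that look like an appended, obfuscated loader."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        reasons = []
        if WS_RUN.search(line):
            reasons.append("code hidden after a long whitespace run")
        if len(line.strip()) > MAX_LINE_LEN:
            reasons.append(f"line length {len(line.strip())}")
        hits = [t for t in SUSPICIOUS_TOKENS if t in line]
        if hits:
            reasons.append("tokens: " + ", ".join(hits))
        if HEX_RUN.search(line):
            reasons.append("dense hex-escaped string")
        if reasons:
            findings.append({"line": lineno, "reasons": reasons})
    return findings


def appended_tail(baseline: str, current: str) -> Optional[str]:
    """If `current` is `baseline` plus something appended, return the appended part.

    `baseline` comes from a known-good checkout; returns None when the files match
    or when they diverge earlier than the end (use a real diff in that case).
    """
    base = baseline.rstrip()
    cur = current.rstrip()
    if cur == base or not cur.startswith(base):
        return None
    return cur[len(base):]


# Constructed samples: a clean next.config.mjs and a copy with a padded tail.
CLEAN_CONFIG = (
    "/** @type {import('next').NextConfig} */\n"
    "const nextConfig = { reactStrictMode: true };\n"
    "export default nextConfig;\n"
)
# The appended line is harmless (the base64 decodes to console.log(1)) but has the hunted shape.
TAINTED_CONFIG = (
    CLEAN_CONFIG.rstrip("\n") + " " * 300
    + "const _0x1a2b=require('child_process');eval(atob('Y29uc29sZS5sb2coMSk='));\n"
)
FAKE_FONT = b"(function(){eval(atob('Y29uc29sZS5sb2coMSk='))})();"  # text saved under a .woff2 name

if __name__ == "__main__":
    print(classify_font_bytes(FAKE_FONT))
    print(scan_config_text(TAINTED_CONFIG))
    print(repr(appended_tail(CLEAN_CONFIG, TAINTED_CONFIG)))
```

Because the campaign rewrites the commit that introduced the change, the baseline for appended_tail should come from a lockfile-pinned, previously published artifact or an offline backup rather than from the repository's current history.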

Payload Delivery via Blockchain Infrastructure
In its latest iteration, the PolinRider loader functions as a fetcher that reaches out to blockchain nodes—specifically services on the TRON, Aptos, and BNB Smart Chain networks—to retrieve an encrypted second‑stage payload. Upon decryption, this payload unpacks into two notorious tools: the DEV#POPPER Remote Access Trojan (RAT) and the OmniStealer information‑stealer. These utilities enable persistent remote control, credential harvesting, and exfiltration of sensitive data, effectively turning compromised developer machines into footholds for broader espionage or financial gain campaigns.

Related Findings and Overlapping Campaigns
Parallel investigations by JFrog have uncovered npm packages masquerading as Rollup polyfills that serve the same purpose of delivering remote access and data‑theft capabilities. Additionally, other npm and Go packages have been found incorporating VS Code auto‑run tasks that execute JavaScript payloads concealed within counterfeit font files, revealing tactical overlap between the Fake Font, TaskJacker, and PolinRider strands. These convergences suggest a modular toolkit shared among North Korean‑linked threat actors, allowing them to reuse successful techniques across multiple attack vectors.

Mitigation and Defensive Guidance
Organizations and individual developers who suspect they have installed any of the implicated packages should treat their environment as compromised. Immediate steps include rotating all exposed secrets (API keys, tokens, passwords) from a clean, unaffected machine, removing the malicious versions, and rebuilding projects from a known‑good lockfile or baseline. Auditing developer workstations and repositories is essential: review .vscode/tasks.json for abnormal runOn entries, inspect configuration files for unexpected appended code, and examine Git history for signs of force‑pushed or back‑dated commits. Employing software composition analysis tools, enforcing strict provenance checks, and enabling branch protection rules can further reduce the risk of supply‑chain infiltration.
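The Git-history part of that audit can be scripted. The example below is added here and is not from the article: it parses git log output (author and committer timestamps per commit) and cross-checks each commit against the hosting platform's activity log, which a force-push cannot rewrite. A rewritten commit keeps its author date but receives a fresh committer date; a deliberately back-dated commit can have both dates set in the past, so the more reliable tell is a commit whose dates sit long before the push that first introduced it. The log format string, the push-log mapping, the thresholds, the timestamps and the placeholder SHAs are all constructed assumptions.

```python
"""Cross-check Git commit dates against the repository's push/activity log.

Added example for this article, not code from the original post. Thresholds,
the push-log mapping and all timestamps/SHAs below are constructed assumptions.
"""
from typing import Dict, List

AMEND_GAP = 7 * 86400     # committer date this far after author date => rewritten (assumption)
PUSH_TOLERANCE = 86400    # commit dated more than a day before its first push => back-dated (assumption)


def parse_git_log(text: str) -> List[dict]:
    """Parse output of: git log --format='%H%x09%at%x09%ct%x09%an'"""
    commits = []
    for line in text.strip().splitlines():
        sha, author_ts, commit_ts, author = line.split("\t", 3)
        commits.append({"sha": sha, "author_ts": int(author_ts),
                        "commit_ts": int(commit_ts), "author": author})
    return commits


def find_history_anomalies(commits: List[dict], first_pushed: Dict[str, int]) -> List[dict]:
    """first_pushed maps SHA -> epoch seconds of the push event that first introduced it,
    taken from the hosting platform's activity log (assumed to be available and complete)."""
    findings = []
    for c in commits:
        reasons = []
        gap = c["commit_ts"] - c["author_ts"]
        if gap > AMEND_GAP:
            reasons.append(f"committer date {gap // 86400} days after author date (amended/rebased)")
        elif gap < 0:
            reasons.append("author date newer than committer date (hand-set dates)")
        pushed = first_pushed.get(c["sha"])   # unknown SHAs are skipped, not flagged
        if pushed is not None and pushed - c["commit_ts"] > PUSH_TOLERANCE:
            reasons.append(f"dated {(pushed - c['commit_ts']) // 86400} days before it was first pushed")
        if reasons:
            findings.append({"sha": c["sha"], "author": c["author"], "reasons": reasons})
    return findings


# Constructed sample log (placeholder SHAs, epoch timestamps):
#   row 1: ordinary commit, pushed right after it was made
#   row 2: old author date, recent committer date: the commit was rewritten
#   row 3: both dates old, but first pushed recently: back-dated
SAMPLE_GIT_LOG = (
    "a" * 40 + "\t1700000000\t1700000000\tmaintainer\n"
    + "b" * 40 + "\t1700000000\t1775000000\tmaintainer\n"
    + "c" * 40 + "\t1650000000\t1650000000\tmaintainer\n"
)
SAMPLE_PUSH_LOG = {"a" * 40: 1700000100, "b" * 40: 1775000050, "c" * 40: 1775000050}

if __name__ == "__main__":
    for f in find_history_anomalies(parse_git_log(SAMPLE_GIT_LOG), SAMPLE_PUSH_LOG):
        print(f["sha"][:8], f["reasons"])
```

A long-unpushed local commit also trips the push-date check, so use the output to prioritise review of recent pushes that touch .vscode/tasks.json or the configuration files listed earlier, not as a verdict on its own.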

Outlook and Continuing Threat
The Contagious Interview operation remains active, with new malicious packages likely to appear as attackers continue to hijack maintainer accounts and exploit trusted repositories. As the campaign evolves, defenders must stay vigilant, combining technical controls—such as automated dependency scanning and immutable release pipelines—with continuous security awareness training to recognize social‑engineering lures. By understanding the full attack chain, from deceptive recruitment to blockchain‑fetched payloads, the developer community can better shield its ecosystems against this persistent and sophisticated North Korean‑linked threat.
