lazarusholic


Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader

2025-07-15, Socket
https://socket.dev/blog/contagious-interview-campaign-escalates-67-malicious-npm-packages
#ContagiousInterview #NPM #XORIndex

Contents

North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
Kirill Boychenko

July 15, 2025

The Socket Threat Research Team has uncovered a new North Korean software supply chain attack involving a previously unreported malware loader we call XORIndex. This activity is an expansion of the campaign we reported in June 2025, which deployed the HexEval Loader. In this latest wave, the North Korean threat actors behind the Contagious Interview operation infiltrated the npm ecosystem with 67 malicious packages, collectively downloaded more than 17,000 times. 27 of these packages remain live on the npm registry. We have submitted takedown requests to the npm security team and petitioned for the suspension of the associated accounts.

The full list of packages is provided in the IOCs …