PolinRider Expands Across npm, Packagist, Go Modules, and Chrome Extensions

Confirmed
Discovered Jul 1, 2026

Socket reports 162 malicious release artifacts across 108 packages and extensions, with hidden JavaScript loaders targeting developer environments across four ecosystems.

0
Affected Packages
7
Observables
1
Sources

Defender Action Panel

Triage this incident quickly

Check whether your environment installed affected software, copy the top IOCs, run the tested hunting script when available, then review remediation guidance.

Current dossier state
needs review
Last verified
Not yet independently verified
Am I affected?
Review affected software below
Immediate action
Audit locks, CI runners, developer workstations, and credential exposure.
Hunting
Has hunting script
Observed fact
Direct-source and cited evidence only.
Informed inference
Analysis is labelled where evidence is indirect.
Unknown
Unverified scope remains explicitly open.
Aptos RPC
eval(
TRON RPC
[.]vscode/tasks[.]json
code --folder-uri

Analysis

Executive Summary

Socket reports 162 malicious release artifacts across 108 packages and extensions, with hidden JavaScript loaders targeting developer environments across four ecosystems. [1]

This is a campaign-level source-of-truth post, not one post per package. Socket links the activity to the broader North Korean Contagious Interview / Famous Chollima cluster; Halting Problems preserves that source wording and does not independently strengthen attribution. Socket reports traces in 80 Go modules, 10 Packagist packages, one Chrome extension, and additional npm artifacts, with 162 malicious releases across 108 packages/extensions. [1]

Key Facts

Analysis table
FactValue
Affected ArtifactCampaign inventory maintained by Socket live tracking
Ecosystemnpm, packagist, go, chrome-extension
Malicious VersionsPublic source inventory is dynamic or exact versions were not reproduced here
Exposure WindowOngoing as of 2026-07-01
Immediate ActionPreserve evidence, isolate systems where execution occurred, and rotate exposed secrets from a clean host

Evidence Assessment

Analysis table
AssessmentClaimEvidence
Confirmed by reportingobfuscated JavaScript loaders hidden in repositories or fake font files execute through developer tooling such as VS Code tasksSource 1
Confirmed by reportingwhitespace-padded JavaScript loaders; fake .woff2 payload hiding; VS Code task execution; force-pushed or anti-dated commits; blockchain/public RPC retrieval and XOR decryptionSource 1
UnclearComplete victim count, exact exposure per organization, and exhaustive version listNot established by the supplied sources

Impact Determination

Analysis table
Exposure ClassificationCriteriaRequired EvidenceRequired ActionClosure Gate
Confirmed compromisePayload execution or matching malicious artifact/process/network evidenceHost timeline, dependency metadata, process and network logsIsolate, preserve, rebuild, rotate exposed credentialsKnown-good rebuild plus negative hunts and downstream identity audit
Exposure onlyAffected selector present but no execution evidenceLockfile/repository history and installation logsQuarantine artifact and investigateDocumented non-execution determination

Minimum Evidence To Collect

  • Dependency and repository records: collect lockfiles, package caches, Git history, release metadata, and CI logs to establish whether an affected selector reached the environment.
  • Endpoint evidence: collect process trees, shell history, EDR telemetry, persistence records, and network logs to distinguish dependency presence from payload execution.
  • Identity evidence: collect repository, registry, cloud, and secret-access audit logs because developer execution can expose tokens available to the process.

Timeline

  • 2026-07-01 UTC: Supplied research was published or updated; exact malicious publication times remain in the source's evolving inventory. [1]

What Happened

This is a campaign-level source-of-truth post, not one post per package. Socket links the activity to the broader North Korean Contagious Interview / Famous Chollima cluster; Halting Problems preserves that source wording and does not independently strengthen attribution. Socket reports traces in 80 Go modules, 10 Packagist packages, one Chrome extension, and additional npm artifacts, with 162 malicious releases across 108 packages/extensions. [1]

Initial Access

This is a campaign-level source-of-truth post, not one post per package. Socket links the activity to the broader North Korean Contagious Interview / Famous Chollima cluster; Halting Problems preserves that source wording and does not independently strengthen attribution. Socket reports traces in 80 Go modules, 10 Packagist packages, one Chrome extension, and additional npm artifacts, with 162 malicious releases across 108 packages/extensions. [1]

Execution Trigger

Obfuscated javascript loaders hidden in repositories or fake font files execute through developer tooling such as vs code tasks. [1]

Payload Behavior

Reported behaviors include whitespace-padded JavaScript loaders; fake .woff2 payload hiding; VS Code task execution; force-pushed or anti-dated commits; blockchain/public RPC retrieval and XOR decryption. [1]

Credential or Data Collection

Treat credentials accessible to an executed developer process as potentially exposed. This is a response assumption, not proof that every listed credential was collected.

Defense Evasion

The supplied reporting describes techniques intended to hide malicious changes or execution in trusted developer workflows. [1]

Exfiltration and Command and Control

Use the machine-readable profile only for sourced infrastructure. Absence of an IOC here does not establish absence of network activity.

Affected Assets and Blast Radius

Prioritize developer workstations, CI runners, repositories, package caches, and credentials present during execution. Presence alone is exposure; execution evidence raises the case to confirmed compromise.

Indicators of Compromise

See iocs.json; prose intentionally avoids presenting source/advisory URLs as attacker IOCs.

Detection and Hunting

Run scripts/hunt_polinrider_cross_ecosystem_campaign.py PATH. It recursively scans exported text, JSON, CSV, lockfiles, and logs for the incident-specific selectors embedded in the script. A match is a triage lead, not proof. False positives include documentation or threat-intelligence records. Escalate matches by preserving the file and correlating timestamps with process/network telemetry.

Downstream Abuse Audits

If execution is confirmed, audit repository token use, package publication, CI workflow changes, cloud sessions, and newly created credentials from the first possible exposure time. Rotate secrets from a clean host.

Remediation and Recovery Gates

  1. Preserve dependency, repository, endpoint, and identity evidence before cleanup.
  2. Stop package installation and isolate systems with execution evidence.
  3. Revoke active sessions and rotate process-accessible credentials from a clean machine.
  4. Remove malicious artifacts, inspect persistence, and rebuild confirmed-compromised systems.
  5. Restore only verified releases and lockfiles; require review of developer-task configuration and repository history.
  6. Audit downstream repository, registry, CI, and cloud activity.
  7. Close only after negative hunts, verified rebuilds, completed credential decisions, and a documented UTC incident timeline.

Open Questions

  • Which exact versions and release timestamps intersect the organization's dependency history?
  • Did the payload execute, and which credentials were present?
  • Are additional artifacts still being added to the source's live inventory?

Timeline

3 of 3 rows

Timeline
DateEventDescriptionSource
Jul 1, 2026PolinRider Expands Across npm, Packagist, Go Modules, and Chrome ExtensionsUnknownSocket
Jul 1, 2026DiscoveryDiscovery recorded for PolinRider Expands Across npm, Packagist, Go Modules, and Chrome Extensions.Socket
Jul 1, 2026DisclosureDisclosure recorded for PolinRider Expands Across npm, Packagist, Go Modules, and Chrome Extensions.Socket

Affected Software

0 of 0 rows

Affected Software
PackageEcosystemVersion RangeStatusConfidenceSource
No rows match the active filters.

IOC Clipboard

7 IOCs
network_patternAptos RPC
commandeval(
network_patternTRON RPC
file_path.vscode/tasks.json
commandcode --folder-uri
network_patternBNB Smart Chain RPC
file_path*.woff2

Tested Hunting Scripts

1 of 1 rows

Tested Hunting Scripts
TitleLanguageDescriptionRepositorySource
PolinRider Expands Across npm, Packagist, Go Modules, and Chrome Extensions evidence scopePythonDo exported repository, dependency, endpoint, or network records contain incident selectors?scripts/hunt_polinrider_cross_ecosystem_campaign.py opens in a new tabSocket

Hunt Manifest: PolinRider Expands Across npm, Packagist, Go Modules, and Chrome Extensions evidence scope

Title
PolinRider Expands Across npm, Packagist, Go Modules, and Chrome Extensions evidence scope
Question
Do exported repository, dependency, endpoint, or network records contain incident selectors?
Telemetry Family
Python
Repository
scripts/hunt_polinrider_cross_ecosystem_campaign.py
Show tested hunting scriptscripts/hunt_polinrider_cross_ecosystem_campaign.py
scripts/hunt_polinrider_cross_ecosystem_campaign.py opens in a new tabPython
#!/usr/bin/env python3
"""Static scanner for polinrider-cross-ecosystem-campaign; never executes artifacts."""
import fnmatch,pathlib,sys,json
SELECTORS=['*.woff2', '.vscode/tasks.json', 'Aptos RPC', 'BNB Smart Chain RPC', 'TRON RPC', 'code --folder-uri', 'eval(']
def matches(selector,p,text):
 if any(ch in selector for ch in '*?['):
  return fnmatch.fnmatch(p.name.lower(),selector.lower()) or selector.lower() in text
 return selector.lower() in text
def scan(root):
 out=[]
 for p in pathlib.Path(root).rglob('*'):
  if not p.is_file(): continue
  try: text=p.read_text(errors='ignore').lower()
  except OSError: continue
  hits=[s for s in SELECTORS if matches(s,p,text)]
  if hits: out.append({'path':str(p),'selectors':hits})
 return out
if __name__=='__main__':
 if len(sys.argv)!=2: raise SystemExit('usage: hunt_polinrider_cross_ecosystem_campaign.py PATH')
 hits=scan(sys.argv[1]); print(json.dumps(hits,indent=2)); raise SystemExit(2 if hits else 0)

Provenance & Sources

1 of 1 rows

Provenance & Sources
SourceTypeReliabilityClaimsEvidence
SocketVendor95%1Socket reports 162 malicious release artifacts across 108 packages and extensions, with hidden JavaScript loaders targeting developer environments across four ecosystems.