ViteVenom targets Vite developers
Security researchers have identified a cluster of seven malicious npm packages that target developers using the Vite JavaScript frontend build tool. Checkmarx has codenamed the campaign ViteVenom. The packages were published between June 29 and July 3, 2026, and together accumulated modest download counts—but enough to concern the supply-chain community because the packages execute malicious code at import time rather than at install time.
- @uw010010/vite-tree (1,070 Downloads)
- @vite-tab/tab (289 Downloads)
- @vite-ln/build-ts (252 Downloads)
- @vite-mcp/vite-type (239 Downloads)
- @vite-pro/vite-ui (200 Downloads)
- @vitets/vite-ts (194 Downloads)
- @vite-ts/vite-ui (176 Downloads)
Expansion of ChainVeil and a four-tier blockchain C2
ViteVenom represents an expansion of an earlier campaign Checkmarx calls ChainVeil. Both campaigns use an "unprecedented" four-tier blockchain-based command-and-control (C2) infrastructure that spans the Tron blockchain, Aptos, and Binance Smart Chain (BSC) to deliver a remote access trojan (RAT). Checkmarx attributes the activity to a threat actor named SuccessKey and notes evidence of malicious activity dating back to February 27, 2026, when cryptocurrency wallets linked to ViteVenom were first activated.
How the packages retrieve and deliver the RAT
The malicious packages act as loaders and deliberately avoid executing at install time; instead they trigger when the package is imported, a tactic that can limit endpoint detections. Once active, the loader reaches out to blockchain infrastructure to obtain the next stage of the attack. Checkmarx lays out the retrieval chain in concrete steps:
- Query the Tron blockchain for the latest transaction from the attacker's wallet.
- Decode and reverse the transaction data field to obtain a BSC transaction hash.
- Query the BSC transaction to extract the encrypted payload from its input field.
- Decrypt the payload using a hard-coded key.
The retrieved payload then queries the blockchain for the C2 configuration and a next-stage loader that launches the RAT. The RAT itself is capable of establishing a reverse shell, harvesting credentials, exfiltrating files, and injecting a persistent backdoor. If the Tron-based retrieval fails, the malware falls back to Aptos; there is also a contingency that fetches the RAT directly from the C2 server over HTTP, bypassing the blockchain entirely.
Scoped typosquats, shared infrastructure, and compartmentalization
Unlike earlier ChainVeil typosquats that used unscoped names—examples included libraries posing as Tailwind, Sass, ORM, and rate-limiting tools—ViteVenom uses scoped package names that mimic the @vitejs/* namespace to appear more legitimate. At the same time, ChainVeil and ViteVenom share tier-2 infrastructure: Checkmarx found the same Tron wallet and Aptos account addresses used across campaigns, which ultimately point to the same BSC transaction that delivers the malware.
Checkmarx also flagged operational compartmentalization: "The surface-level differences - different package names, different maintainer accounts, different Tier-1 wallets, different malicious file paths - are consistent with how a single operator would compartmentalize multiple distribution tracks to limit exposure," the company said.
What this means for developers, security teams, and open-source maintainers
Developers who have installed the flagged packages are advised to remove them immediately and audit their dependency trees. Checkmarx recommends rotating all credentials and searching for unauthorized modifications to shell startup files such as .bashrc, .zshrc, and .profile. Security teams should be aware that import-time execution and a blockchain-based retrieval chain can blunt traditional endpoint detections, and that a fallback HTTP delivery path exists which bypasses the blockchain controls. Open-source maintainers should note the use of scoped names that impersonate trusted namespaces and consider tightening namespace monitoring and package review processes.
ViteVenom underscores a shift in supply-chain tactics: storing payload pointers in public blockchain transactions makes the C2 infrastructure resilient to takedown, while scoped typosquatting and operational compartmentalization increase the difficulty of attribution and mitigation. Checkmarx's findings leave clear, immediate steps for defenders, and a pointed question for platform operators and registry maintainers: how to adapt protections when attackers use public blockchains as persistent distribution channels.




