Skip to main content
Emerging ThreatsMalware & Ransomware

Shai-Hulud Malware Fuels npm Infostealer Campaign

Blurred computer screen amidst software development environment with hint of unease.

"Here We Go Again - Let the Carnage Continue. A Gift from TeamPCP."

deadcode09284814 account and four malicious npm packages

Researchers at OXsecurity discovered over the weekend that an account named deadcode09284814 had published four malicious packages to the Node Package Manager (npm) index. The uploads used typosquatting — including misspelled names targeting Axios users — and a few generic package names. OXsecurity identified the four packages and their core behaviors:

  • chalk-tempalte – Shai-Hulud clone (information stealer)
  • @deadcode09284814/axios-util – Credential and cloud config stealer
  • axois-utils – Infostealer + persistent DDoS botnet (“phantom bot”)
  • color-style-utils – Basic infostealer targeting crypto wallets and IP info

The four packages had a combined download count of 2,678, according to the researchers.

chalk-tempalte: an unmodified Shai-Hulud source on npm

OXsecurity says the chalk-tempalte package contains a clone of the Shai-Hulud malware that has been attributed to the TeamPCP hacker group — the same group linked to a recent Mini Shai-Hulud software supply-chain attack. The copy on npm appears to be an almost exact copy of the leaked source code, with no obfuscation or protection, making it visually different from the original in ways that OXsecurity calls "incriminating evidence" this is a different actor from TeamPCP.

According to the report, the malware steals credentials, secrets, crypto wallet data, and account information. Stolen data is exfiltrated to a command-and-control server at 87e0bbc636999b[.]lhr[.]life. The code also retains a GitHub publishing function that uploads stolen credentials to public, auto-generated repositories.

axois-utils: infostealer plus persistent DDoS 'phantom bot'

All four rogue packages included routines that exfiltrated information such as credentials and configuration files, but axois-utils stood out because it also turned infected systems into DDoS bots. OXsecurity found that the package supports HTTP, TCP, and UDP floods as well as TCP reset attacks and discovered internal references to a "phantom bot," suggesting a persistent botnet capability layered on top of the infostealing functionality.

Shai-Hulud's leak and the campaign arc since September 2025

The Shai-Hulud malware source surfaced on GitHub last week with a message allegedly from TeamPCP reading, "Here We Go Again - Let the Carnage Continue. A Gift from TeamPCP." OXsecurity notes that the Shai-Hulud campaign has run in multiple iterations since September 2025, repeatedly stealing developers’ data by injecting malware into legitimate projects.

In prior iterations, the campaign stole credentials for accounts with publishing rights and then exposed the exfiltrated information in public GitHub repositories. OXsecurity also reports that other threat actors rapidly copied the leaked Shai-Hulud source and began modifying it to extend capabilities — a pattern now visible in the npm uploads.

What this means for developers, open-source maintainers, and security teams

OXsecurity’s immediate recommendation is straightforward and specific: developers who downloaded the infected npm packages should remove them and rotate credentials and API keys on affected systems. For open-source maintainers, the incident is a reminder that typosquatting and lookalike package names are active vectors for supply-chain abuse; packages using common library names or small misspellings are being leveraged to reach developers.

Security teams should note the operational details OXsecurity observed: exfiltration to a named C2 domain (87e0bbc636999b[.]lhr[.]life), public upload of credentials to auto-generated GitHub repositories, and the addition of DDoS capabilities in at least one package. These concrete artifacts — package names, C2 host, and GitHub upload behavior — provide detection and incident-response handles for defenders.

The rapid appearance of a near-exact copy of leaked Shai-Hulud source code on a mainstream package registry underscores how quickly leaked tooling can be weaponized and distributed via developer ecosystems. OXsecurity’s advice — remove the packages and rotate keys — is the immediate defensive step anchored to the observable artifacts reported this weekend.

Source: BleepingComputer — Leaked Shai-Hulud malware fuels new npm infostealer campaign