Security researchers have identified a malicious package in the npm registry that employed a novel technique to evade AI-based security tools. The package, named warbeast-1, was an information-stealing malware designed to exfiltrate sensitive user data from compromised systems.

Discovered by the research team at ReversingLabs, the package was published to the npm open-source repository on May 24, 2024. The threat actor behind the campaign, tracked as ‘warbeast,’ is also linked to a previous typosquatting campaign from April 2024 that distributed similar info-stealing malware.

AI Evasion Through Manifest Manipulation

The primary innovation of the ‘warbeast-1’ package was its method for bypassing AI-powered detection systems. The threat actor manipulated the package’s package.json manifest file by inserting a long string of seemingly legitimate but nonsensical keywords. This technique, known as ‘keyword stuffing,’ was specifically designed to confuse machine learning models responsible for scanning and classifying new packages.

According to ReversingLabs, this manipulation caused AI security models to misclassify the package. The abundance of benign-sounding keywords in the manifest file led the models to assign the malicious package a safe, or benign, score. This allowed the info-stealer to remain undetected by automated security checks that rely on such AI analysis.

An Information-Stealing Payload

The ultimate goal of the ‘warbeast-1’ malware was data theft. Once executed, its payload targeted sensitive information stored in web browsers. The malware was crafted to steal credentials such as authentication tokens, passwords, and cryptocurrency wallet information. This type of data is highly valuable and can be used for financial theft, identity fraud, and unauthorized access to online accounts.

Following its discovery by researchers shortly after it was published, the ‘warbeast-1’ package was removed from the npm registry. The incident highlights an evolving tactic used by threat actors to circumvent automated defenses within the open-source software supply chain.

Source: https://www.infosecurity-magazine.com/news/malware-ai-detection-npm-package/