
Hijacked npm Packages Trigger VS Code Tasks for Blockchain-Resolved Python Stealer
Hijacked npm and Go packages used VS Code auto-tasks and blockchain resolvers to deliver a cross-platform Python infostealer. The campaign recycles Fake Font tactics linked to Contagious Interview. It underscores deepening erosion of trust in open-source developer tooling.
The packages html-to-gutenberg and fetch-page-assets contained .vscode/tasks.json configured to run eslint-check on workspace open. Execution pulled encrypted JS from blockchain transactions, established a socket.io backdoor, and launched a Python loader harvesting Chromium, Firefox, wallet, and Git credentials across Windows, Linux, and macOS. JFrog's analysis confirms the chain avoided npm lifecycle scripts entirely.

Evidence from OpenSourceMalware tracking shows identical font-file disguise and blockchain dead-drop patterns in prior Fake Font operations since 2023. No packet captures or binary hashes have been publicly released to confirm operator identity beyond tactic overlap. The Go cluster remains undetailed in available reports.

This marks continued refinement of developer-targeted supply chain operations that bypass registry hardening and IDE trust prompts. Similar patterns appear in earlier Contagious Interview waves, indicating sustained investment in IDE and package ecosystem persistence rather than one-off campaigns. Next indicators include new packages reusing the same tasks.json structure or TronGrid resolver domains. Registry monitoring for folderOpen tasks will surface additional instances within weeks.
Sentinel: At least three additional npm packages using identical tasks.json runOn folderOpen will appear in public feeds before July 15, 2026.
Sources (3)
- [1] JFrog Security Research (https://jfrog.com/blog/hijacked-npm-packages-vscode-tasks/)
- [2] The Hacker News (https://thehackernews.com/2026/06/hijacked-npm-and-go-packages-use-vs.html)
- [3] OpenSourceMalware Fake Font Report (https://github.com/OpenSourceMalware/FakeFont)