NPM Package With 56K Downloads Caught Stealing WhatsApp Messages
13 points by siddhartha_golu
There is something wrong in the ecosystem if this keeps happening with npm. I personally will stay away from it because of it.
There is nothing about this attack which would have been any different with PyPI, Cargo, or Maven.
Working with Maven, one major thing I like is the existence of large umbrella groups with a reputable track record. I have few qualms at work when the majority of needs are covered by Spring or Apache.
None of those groups provide a WhatsApp API, which is what this package did. The other recent attacks were also mostly things like the Zapier SDK or whatever - again not things you'd be getting from Apache Commons.
I mean, yes and no? On one hand, there are things about NPM that don't help, such as the culture toward many small dependencies, or having more devs who are newer to software development and might be less vigilant.
On the other hand, it doesn't seem like NPM is uniquely rotten. It's huge in comparison (~3M packages, versus PyPI at ~700k or RubyGems at ~200k), so you'd naturally expect it to have a larger share of malicious packages—in fact, it should have an outsized share due to network effects. And I couldn't find a great summary source, but searching around for software supply chain attacks, they are happening in other ecosystems as well (link from mid 2025).
I don't think it's strictly an ecosystem thing if it infects the entire planet.
AI-assisted writeup. Also, while the package has been removed from GitHub, it still seems to be up on npm. Did these people actually notify npm about a malicious package, or just write about it?
I'm curious about how it can interpose between WhatsApp or any other application - I don't understand why a default configuration allows arbitrary network connections, and I don't understand why the container or system sandboxing isn't also configured by default to disallow this kind of thing.
Capturing credentials would not have been possible with something like FIDO/passkeys, because by design nothing reusable is exposed during authentication - note that when I say "something like" here I mean in the sense of authentication design, not necessarily OS-provided UI.
Finally it's absurd to me that apparently such MiTM attacks are even possible - these attacks are not new and I'd expect companies at this scale to have designed in protection against it.
(Actually one final note: why are the attackers using RSA? seriously? :D)
As I understand it, the package pretends to be a legit WhatsApp SDK that devs include in JS apps they're making. So the devs configure the SDK with their WhatsApp keys or feed in user-supplied credentials.