A North Korean-linked threat campaign tracked as PolinRider has been systematically compromising open source maintainer accounts to inject malicious loaders into legitimate repositories, according to research from Socket. Active since December 2025, the operation has so far produced 162 malicious release artifacts spread across 108 unique packages, with researchers expecting additional packages to surface as the campaign continues.
Tactics and Tooling
PolinRider is associated with the broader Contagious Interview operation, which overlaps with activity tracked under the names DeceptiveDevelopment, Operation Dream Job, and ClickFake Interview. The campaign targets developers working across NPM, Packagist, Go modules, and Chrome extensions.
Attackers compromise maintainer accounts and push infected packages to otherwise legitimate repositories. To obscure the timeline of malicious changes, they rewrite Git history so the modifications appear older than they are. The injected payloads consist of obfuscated JavaScript loaders that connect to blockchain and public remote procedure call (RPC) infrastructure to retrieve encrypted second-stage payloads. Those payloads deliver the DEV#POPPER remote access trojan and the OmniStealer information stealer.
Confirmed Incidents
- A GitHub account named Xpos587, which maintains several repositories, was modified on June 23 within a short timeframe.
- The campaign expanded to Packagist, where packages under the sevenspan namespace were compromised. Malicious loaders were hidden inside configuration files and were not caught during an initial cleanup operation.
Scope of Risk and Remediation
Because PolinRider targets developer workstations, the credentials most at risk include package registry tokens, source code repository access, cloud provider credentials, and CI/CD pipeline secrets. Socket advises that any team that installed an affected package or extension version should consider the installation environment potentially compromised pending a thorough review.
Critically, Socket recommends that remediation be performed from a clean, unaffected machine rather than from the potentially infected host, given the breadth of credential types the malware can harvest. Organizations should audit their dependency trees against the list of known malicious packages and treat any matching environment as hostile until fully investigated.
