Security researcher Paul McCarty recently uncovered an extensive, coordinated spam campaign in the npm ecosystem dubbed the “IndonesianFoods worm,” which flooded the npm registry with over 43,000 spam packages over nearly two years.
The campaign exploited at least 11 attacker-controlled user accounts to publish an unprecedented volume of junk packages, accounting for more than 1% of the entire npm ecosystem and remaining undetected by automated security scanners.
Technical Analysis of the Indonesian Foods Campaign
The IndonesianFoods worm is characterized by its distinctive naming scheme, which combines Indonesian personal names (e.g., “andi,” “budi,” “zul”) with Indonesian food terms (e.g., “rendang,” “sate,” “tapai”), appended by random numbers and suffixes like “-kyuki” or “-breki.”
Packages appear as legitimate Next.js projects, complete with standard configurations, React dependencies, and professional documentation to camouflage malicious intent.
The campaign’s core malicious behavior lies in dormant scripts (auto.js or publishScript.js) embedded but unreferenced within these packages, which are inert during installation and cause no immediate security alerts. When manually executed, the script runs an infinite loop cycling through three stages:
- Removing
"private": trueflags inpackage.jsonto make packages public - Randomizing version numbers to evade npm duplication checks
- Publishing new packages with randomized Indonesian-themed names every 7–10 seconds via
npm publish --access public
This results in a rapid publication rate of about 12 packages per minute or 17,000 packages per day. The sheer volume indicates multiple instances of script execution or an attacker controlling several compromised accounts to flood the npm registry.
A particularly insidious feature is the worm-like propagation through dependency chain infection: spam packages reference dozens of other spam packages as dependencies within their package.json files, causing exponential spreading and complicating cleanup.
Installing a single infected package can pull in over 100 malicious packages recursively, amplifying the impact on registry bandwidth and evading simple removal efforts.
Monetization via the TEA Protocol
A monetization aspect was uncovered where several attacker-controlled packages embed tea.yaml files listing multiple TEA protocol accounts, a blockchain-based open source contribution reward system.
By interlinking thousands of packages with circular dependencies that contain these files, attackers artificially inflated their open-source impact scores and claimed undeserved TEA token rewards.
One package’s README even boasted about TEA token earnings, and at least one maintainer appears to be an Indonesian software engineer, aligning with the campaign’s regional indicators.
This additional layer underscores that the attack evolved over multiple phases from initial spam flooding to leveraging cryptocurrency rewards, showing how spam and financial abuse can intertwine in supply chain attacks.
Implications and Response
Despite being described in April 2024, the scale and coordination of this sustained attack evaded detection for nearly two years, highlighting deficiencies in installation-time security scans that rely on active malicious code execution or lifecycle hook detection.
The packages are essentially dormant unless the payload script is manually triggered, rendering them benign by automated analysis standards.
The campaign’s discovery has prompted npm registry operators to consider tighter rate limiting, improved detection for bulk spam publishing, and stronger account verification measures to prevent repeat episodes.
Organizations are advised to audit dependencies for any packages linked to identified malicious accounts, such as voinza, yunina, and others, and implement security scanning enhancements to detect suspicious package groups, dependency chains, and abuse of protocols like TEA.
The IndonesianFoods worm exemplifies a paradigm shift in supply chain attacks, employing volume and persistence strategies rather than direct exploit code, disrupting trust in ecosystem integrity and posing significant cleanup challenges as thousands of spam packages pollute registry indexes.
The community response is underway, with database updates and blocklists, yet this campaign underscores the critical need for proactive, ecosystem-wide defenses against evolving supply chain threats.
Find this Story Interesting! Follow us on Google News , LinkedIn and X to Get More Instant Updates
