Hackers Use Hugging Face to Deliver npm Malware

GBHackers reports a newly uncovered npm supply chain campaign that distributed a malicious package called terminal-logger-utils, with dependent libraries pretty-logger-utils, ts-logger-pack, and pinno-loggers that triggered the payload during installation. Per GBHackers, the initial compromise runs a postinstall script that launches an obfuscated JavaScript dropper utils.cjs, which profiles the host and downloads a platform-specific second-stage payload. CybersecurityNews reports a related package, js-logger-pack, that similarly launched a detached background downloader and retrieved one of four Node.js Single Executable Application (SEA) binaries from a public Hugging Face repository identified as Lordplay/system-releases. CybersecurityNews further reports that the operator used private Hugging Face datasets to store exfiltrated files. GBHackers attributes portions of the activity to an operator using the alias "jpeek895" and cites prior research documented by kmsec.uk. TechRadar's prior coverage documents earlier npm abuse linked to North Korean state-aligned groups, providing historical context for state-linked activity in the ecosystem.

GBHackers reports the attack chain begins with a malicious postinstall that runs utils.cjs, acting as a dropper. Per GBHackers, the dropper downloads a platform-specific second-stage binary which is a bundled Node.js executable containing the same implant across Windows, macOS, and Linux. CybersecurityNews reports the four SEA binaries are functionally identical wrappers around a single cross-platform JavaScript implant. Reported runtime behaviors include system profiling, continuous keystroke logging, clipboard monitoring, arbitrary file read/write, and remote command execution. Reported persistence mechanisms include scheduled tasks and a registry Run key on Windows, LaunchAgent entries on macOS, and systemd user units on Linux. CybersecurityNews reports the implant communicated system information to a hard-coded IP at 195.201.194.107 over WebSocket before redirecting stolen files into private Hugging Face datasets.

Editorial analysis: Public coverage frames this campaign as part of a broader shift where attackers abuse widely trusted developer and cloud services for both malware delivery and data staging. Observers have documented a growing pattern in which adversaries host payloads and stolen artifacts on platforms that are frequently whitelisted by enterprise network controls, increasing dwell time and complicating detection and takedown.

Editorial analysis: For security teams and developers, the salient risk is not only malicious packages masquerading as benign dependencies but also the reuse of legitimate hosting platforms like Hugging Face as an adversary-controlled content distribution and storage layer. This complicates allowlist-based network defenses and raises the bar for supply chain hygiene because attackers can mix innocuous assets with malicious payloads in the same hosting environment.

Editorial analysis: Observers should track these indicators and signals across supply-chain telemetry: unusual postinstall or lifecycle scripts in new or unmaintained packages; npm packages with recent repackaging or many transitive dependents; outbound requests to public model or dataset hosting endpoints tied to new repositories such as Lordplay/system-releases; and suspicious uploads to private dataset spaces. Security teams may also watch for recurring aliases and account clusters reported in vendor writeups, such as the alias "jpeek895" and related npm accounts cited by GBHackers. Finally, coordination between package registries, hosting platforms, and threat intel providers will determine how quickly hosted payloads and exfiltration targets are removed.

All reported technical findings and actor attributions above are taken from GBHackers and CybersecurityNews reporting and from prior public reporting cited by TechRadar. Where attribution to North Korea appears, it is documented in TechRadar's prior coverage of npm abuse and in GBHackers' reporting; CybersecurityNews' technical writeup focuses on technical details.