November 30, 2023

Researchers discovered 17 malicious packages in the NPM (Node.js package manager) repository that were developed to hijack Discord servers. The libraries allow stealing access tokens and environment variables from systems running giving the attackers full access to the victim’s Discord account.


The packages payloads range from info-stealers up to backdoors, experts pointed that the malicious packages use different infection tactics, including typosquatting, dependency confusion, and trojan functionality. 

We disclosed these 17 malicious packages to the npm code maintainers, and the packages were promptly removed from the npm repository a good indication these packages are indeed causing issues. Luckily, these packages were removed before they could rack up many downloads, so we managed to avoid a scenario like our last PyPI disclosure, where the malicious packages were downloaded tens of thousands of times before they were detected and removed.

Researchers Statement

These packages were promptly removed from the npm repository before they reached many downloads, avoiding a massive campaign

Below is the list of packages discovered by the experts:

PackageVersion PayloadInfection Method
prerequests-xcode1.0.4Remote Access TrojanUnknown
discord-selfbot-v1412.0.3Discord token grabberTyposquatting/Trojan (discord.js)
discord-lofy11.5.1Discord token grabberTyposquatting/Trojan (discord.js)
discordsystem11.5.1Discord token grabberTyposquatting/Trojan (discord.js)
discord-vilao1.0.0Discord token grabberTyposquatting/Trojan (discord.js)
fix-error1.0.0PirateStealer  malwareTrojan
wafer-bind1.1.2Environment variable stealerTyposquatting (wafer-*)
wafer-autocomplete1.25.0Environment variable stealerTyposquatting (wafer-*)
wafer-beacon1.3.3Environment variable stealerTyposquatting (wafer-*)
wafer-caas1.14.20Environment variable stealerTyposquatting (wafer-*)
wafer-toggle1.15.4Environment variable stealerTyposquatting (wafer-*)
wafer-geolocation1.2.10Environment variable stealerTyposquatting (wafer-*)
wafer-image1.2.2Environment variable stealerTyposquatting (wafer-*)
wafer-form1.30.1Environment variable stealerTyposquatting (wafer-*)
wafer-lightbox1.5.4Environment variable stealerTyposquatting (wafer-*)
octavius-public1.836.609Environment variable stealerTyposquatting (octavius)
mrg-message-broker9998.987.376Environment variable stealerDependency confusion

The threat actors behind these packages focus on Discord accounts for multiple reasons such as:

  • using the Discord servers as part of the command & control (C2) infrastructure behind malware campaign.
  • using the Discord servers as an anonymous exfiltration channel.
  • spreading malware to Discord users.
  • selling stolen Discord Nitro premium accounts.

Researchers highlighted the availability of a lot of Discord token grabbers on GitHub, along with build instructions, due to the popularity of the platform as an attack vector. This means that an attacker can easily develop its custom malware without extensive programming skills in a few minutes.


Public repositories have become a handy instrument for malware distribution: the repository’s server is a trusted resource, and communication with it does not raise the suspicion of any antivirus or firewall. In addition, the ease of installation via automation tools such as the NPM client, provides a ripe attack vector.

Leave a Reply

%d bloggers like this: