Compromised npm package ‘rand-user-agent’ delivers a Remote Access Trojan (RAT). Learn how this supply chain attack threatens developer ecosystems and how to defend.
Table of Contents
- Introduction: The Supply Chain Threat
- Overview of the Compromised npm Package ‘rand-user-agent’
- Technical Breakdown of the RAT Payload
- Infection Vector and Execution Flow
- Indicators of Compromise (IOCs)
- Risk to DevOps Pipelines and CI/CD Systems
- Mitigation and Incident Response Recommendations
- How to Secure Your JavaScript Dependency Chain
- Conclusion
Introduction: The Supply Chain Threat
The compromised npm package ‘rand-user-agent’ is the latest example of a growing cybersecurity threat that weaponizes open-source software supply chains. This incident involves the stealthy deployment of a Remote Access Trojan (RAT), capable of full device compromise, through a package that masqueraded as a benign utility for rotating user-agent strings.
As development environments increasingly depend on third-party packages, attackers are targeting ecosystems like npm, PyPI, and RubyGems to insert malicious code into build chains and developer machines.
Overview of the Compromised npm Package ‘rand-user-agent’
Published on npm, rand-user-agent appeared to provide functionality for generating random user-agent strings — a common need in web scraping and automation. However, researchers discovered that one version of the package contained obfuscated JavaScript designed to fetch a secondary payload from a remote server.
Key details:
- Package Name: rand-user-agent
- Malicious Versions Identified: 1.0.4 (latest)
- Behavior: Executes post-install scripts to connect to attacker infrastructure
- Target Platforms: Node.js environments, especially CI/CD runners and developer machines
Technical Breakdown of the RAT Payload
Upon installation, rand-user-agent executes a postinstall hook embedded in its package.json. This hook triggers an obfuscated script that reaches out to a command-and-control (C2) server to download a second-stage payload — a RAT with advanced surveillance capabilities.
Features of the deployed RAT:
- Persistence Mechanisms: Adds itself to system autostart
- Command Execution: Allows shell access to the compromised system
- File Exfiltration: Scans for SSH keys, config files, .env files
- Keylogging and Clipboard Monitoring: Stealthy collection of user inputs
- Reverse Shell Support: Maintains persistent remote access
The script disguises its outbound network activity using DNS over HTTPS (DoH) and obfuscates payloads with base64 encoding plus XOR to evade detection.
Infection Vector and Execution Flow
- Developer runs npm install rand-user-agent
- Post-install script executes hidden payload
- System beacon sent to C2 server with machine metadata
- Stage-two RAT downloaded and executed
- RAT establishes persistence and starts surveillance
This flow is entirely automated and executes without explicit developer interaction — making it highly effective in environments that automate dependency installation (e.g., CI/CD pipelines).
Indicators of Compromise (IOCs)
Network IOCs:
- hxxp://185.172.128[.]91/rats/payload.js
- hxxps://dns.google/dns-query (DoH abuse)
File IOCs:
- .tmp_agent.js in user home directory
- ~/.config/.sysd/daemon.js
- Modified .bashrc or .zshrc to invoke malicious script
Behavior IOCs:
- Unexpected curl or wget activity from build runners
- Outbound connections to non-standard ports (8081, 1337)
Security teams should hunt for unauthorized npm install logs or anomalous access to npm registries to detect potential lateral movement.
Risk to DevOps Pipelines and CI/CD Systems
The biggest risk lies in automated environments like:
- GitHub Actions
- GitLab Runners
- Jenkins Build Agents
- Dockerfiles installing packages without lockfiles
Because build systems often run with elevated permissions and lack user oversight, malicious packages like rand-user-agent can inject persistent malware without detection.
Potential impact includes:
- Leaking source code
- Compromising secrets in environment variables
- Pivoting into production infrastructure via cloud credentials
Mitigation and Incident Response Recommendations
1. Immediate Actions:
- Revoke and rotate any credentials or tokens exposed to CI/CD
- Remove the package and audit package-lock.json or yarn.lock
- Inspect developer machines for the above IOCs
- Block known malicious IPs and domains at the firewall
2. Harden npm Installations:
- Use --ignore-scripts with npm install to block post-install hooks
- Set up .npmrc to disallow scripts globally
- Pin dependency versions using lockfiles to prevent version drift
3. Monitor Package Metadata:
- Regularly scan package.json and package-lock.json for suspicious dependencies
- Monitor additions of postinstall, preinstall, or prepare scripts
4. Employ Supply Chain Security Tools:
- Socket.dev – Detects supply chain risks in npm packages
- Snyk – Monitors for vulnerabilities and malicious behaviors
- OWASP Dependency-Check – Integrates into CI for real-time alerts
How to Secure Your JavaScript Dependency Chain
The following are best practices to secure Node.js environments:
- Adopt Software Bill of Materials (SBOM) for full dependency visibility
- Enforce code reviews on changes to dependencies
- Use private npm registries or artifact proxies (e.g., Verdaccio)
- Implement runtime anomaly detection for build and dev systems
- Prefer well-established libraries with a strong update cadence and community trust
Conclusion
The rand-user-agent compromise is a stark reminder that the weakest link in modern development pipelines is often the supply chain itself. Attackers are increasingly targeting developer ecosystems to gain initial access, exfiltrate secrets, and plant persistent malware.
Organizations must treat npm install commands as privileged operations, scrutinize every new dependency, and implement robust auditing to defend against this evolving threat vector.