coa npm hijack shipped malware
Attackers compromised maintainer credentials for the coa command-line argument parser and published malicious versions with Windows-focused password-stealing malware.
Story
coa was a small command-line option parser with a large dependency shadow. On November 4, 2021, attackers used compromised maintainer access to publish multiple malicious versions across the active release lines. Because they came through the registry under the genuine package name and a valid publisher path, the packages looked like legitimate coa releases.
The delivery path was npm installation: downstream projects and build tools pulled the poisoned releases as transitive dependencies without ever choosing coa directly. The install-time code targeted Windows hosts, where it fetched and ran a second-stage payload built to steal credentials.
The malicious package used a preinstall hook to run compile.js before npm had finished installing the package. That placement mattered: the payload did not wait for an application to import coa or call its parser. Dependency resolution alone was enough to give the attacker code execution in developer and CI build environments.
The event overlapped with the rc compromise and showed the same failure mode as earlier npm incidents. A trusted package name, a valid publisher path, and enough dependency gravity put malicious code on machines that never made an explicit decision to trust coa.
Affected Artifacts
- Observed: 2021-11-04
- Fixed: Not listed
- Hashes:
  - sha256:cd2adb9c16e3c5373f77c4288ab017be03c3a7f8320a2506e9129a402c0c69d6
  - sha256:dc7a59c2d600db8f748f0a722e363527e3332a0fd7ffd7d24342a7de6125e9e0
  - md5:9c6664390b305a8aeeec859ab8169095
- The GitHub issue reported that the compromised versions were present on npm from 14:12 CET until 15:24 CET on 2021-11-04.
Incident Context
- Motive: Credential Theft
- Attribution: Group
- Cause: Compromised Account Credentials
- Transitive: No
- Actor: UNC3379
External References
Source record: oss/attacks/coa/meta.yaml