Open Source · 2025-05-05 · 0 days · Backdoor, Remote Code Execution

rand-user-agent carried RAT

rand-user-agent 1.0.110, 2.0.83, and 2.0.84 carried obfuscated RAT code. The payload connected to an attacker-controlled C2 server and exposed shell and file-upload commands.

Story

On May 5, 2025, researchers at Aikido spotted a fresh release of rand-user-agent on npm that carried a remote access trojan, hidden behind a wall of whitespace inside the package's compiled output. The package's GitHub repository still showed clean source; the registry, by contrast, held versions the project had never published.

rand-user-agent is a small JavaScript helper that returns a random browser User-Agent string, popular with web-scraping projects and maintained under the WebScrapingAPI organization. Aikido said it detected the first malicious release at 16:00 UTC, and ultimately identified three affected versions: 1.0.110, 2.0.83, and 2.0.84.

The first stage lived in dist/index.js, where the attacker pushed the payload off the right edge of the file with horizontal whitespace so a reviewer scrolling through the diff would see only the legitimate code. Once decoded, the script installed or loaded axios and socket.io-client under ~/.node_modules, a custom directory chosen to avoid conflicting with the project's own dependency tree, and then opened a Socket.IO channel to 85.239.62.36:3306. The implant uploaded files through 85.239.62.36:27017/u/f, beaconed hostname and username, accepted directory and upload commands, and executed arbitrary shell input through child_process.exec(). On Windows, it also prepended %LOCALAPPDATA%\Programs\Python\Python3127 to PATH, a quiet path-hijack against any command that resolved Python tooling by name.

npm removed the malicious versions after Aikido's disclosure. The same C2 address, 85.239.62.36, would surface a month later in the gluestack-ui compromise (see [[gluestack-ui]]), suggesting either shared infrastructure or a common operator.
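The hiding technique above, code pushed past a wall of horizontal whitespace so it sits off the right edge of a diff view, can be flagged mechanically. The scanner below is an added example, not code from rand-user-agent, Aikido, or WebScrapingAPI; the 200-column gap threshold and the sample file contents are constructed assumptions.

```javascript
// Added example: flag source lines where code resumes after a long run of
// horizontal whitespace, the concealment used in rand-user-agent's dist/index.js.
// MIN_GAP is an assumption: legitimate minified or compiled JS rarely carries
// 200+ consecutive spaces or tabs in the middle of a line.
const MIN_GAP = 200;

// Returns one finding per suspicious line: the 1-based line number, how many
// characters a reviewer would see before the gap, and the start of the hidden tail.
function findHiddenCode(source, minGap = MIN_GAP) {
  const findings = [];
  // Unanchored on the left, so m.index is where the whitespace run begins.
  const re = new RegExp(`[ \\t]{${minGap},}(\\S.*)$`);
  source.split(/\r?\n/).forEach((line, idx) => {
    const m = line.match(re);
    if (m) {
      findings.push({
        line: idx + 1,
        visibleWidth: m.index,
        hidden: m[1].slice(0, 60),
      });
    }
  });
  return findings;
}

// Constructed sample: a benign helper, then a line whose second statement is
// parked 500 columns to the right of the legitimate export.
const BENIGN = 'module.exports = () => agents[Math.floor(Math.random() * agents.length)];';
const SAMPLE = [
  'const agents = require("./agents.json");',
  BENIGN + ' '.repeat(500) + '(function(){/* obfuscated loader would go here */})();',
].join('\n');

function scanSample() {
  return findHiddenCode(SAMPLE);
}

for (const f of scanSample()) {
  console.log(`line ${f.line}: code resumes after ${f.visibleWidth} visible chars: ${f.hidden}`);
}
```

Run it over every file in an unpacked registry tarball (not the GitHub checkout, which in this incident was clean) and treat any hit in compiled output as something to diff against the published source.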

Affected Artifacts

Incident Context

Motive: Unauthorized Access Control
Attribution: Person
Cause: Compromised Account Credentials
Transitive: No
Actor: Individual Hacker
User Impact: 45000

External References

Source record: oss/attacks/rand-user-agent/meta.yaml