North Korea-Linked npm Packages Hijack Rollup Polyfill Names to Steal Dev Secrets
What Happened
Researchers at JFrog have identified a fresh wave of malicious npm packages linked to North Korean threat actors that impersonate legitimate Rollup polyfill tooling. The packages — rollup-packages-polyfill-core and rollup-runtime-polyfill-core — are live on npm and designed to establish remote access and exfiltrate developer secrets from any machine that installs them.
The campaign follows a well-worn DPRK playbook: pick a widely-used ecosystem (JavaScript/Node), clone the naming convention of a trusted package, and wait for developers to install it directly or pull it in as a transitive dependency. Rollup is a standard bundler used across frontend and full-stack projects, making polyfill-adjacent package names plausible enough to slip past a quick glance at package.json.
Why It Matters
This is a targeted developer supply-chain attack, not an end-user phishing campaign. If one of these packages lands in your build environment, the attacker gets:
- Shell access to the developer's machine or CI runner
- Credential theft — environment variables,
.envfiles, SSH keys, cloud tokens, and npm auth tokens are all in scope - Lateral movement potential — a compromised CI/CD runner with cloud credentials is a direct path into production infrastructure
North Korean supply-chain actors (tracked under clusters like Lazarus and Jade Sleet) have previously used this exact technique to pivot from a single npm install to a full cloud account compromise. The blast radius is not limited to the dev box.
The fake package names are close enough to legitimate ones that automated dependency audits won't flag them — they aren't typosquatting a single character, they're mimicking a plausible package family name.
What to Do Right Now
- Audit your dependencies immediately. Run
npm ls | grep rollupand check every Rollup-adjacent package against the official Rollup npm page. Any package namedrollup-packages-polyfill-coreorrollup-runtime-polyfill-coreshould be treated as malicious.
- Check CI/CD environments. If these package names appear anywhere in your pipeline's
node_modules, assume the runner is compromised. Rotate all secrets that runner had access to — npm tokens, cloud credentials, API keys, and SSH keys.
- Lock your dependency tree. Commit a
package-lock.jsonoryarn.lockand enforce integrity checking. Enablenpm auditin CI and fail the build on high-severity findings.
- Enable npm provenance checks where possible and restrict which registries your CI is allowed to pull from.
- Alert your team. If your org has shared npm credentials or a shared CI runner, this is a team-wide incident response, not a solo fix.
If you suspect an active compromise, treat it as a full credential rotation event — not just a package removal.
Synthesized by Claude · sanity-checked before publish.