npm Packages Hit with TeamPCP-Style CanisterWorm Malware
Essential information
- Published
- 22/04/2026 18:22
- Modified
- 27/04/2026 14:36
- Source / Author
- AlienVault
- Confidence
- 100/100
- Report type(s)
- threat-report
- Labels / Tags
- canisterworm credential theft icp canister npm pypi self-propagating supply chain attack worm
- Tags
- 2026-04-22 canisterworm credential-theft icp canister npm pypi self-propagating supply chain attack worm
- Related entities
- 9 indicators, 9 observables, 1 intrusion sets (apt), 17 techniques (mitre), 1 malware, 3 others
Description
Malicious npm packages associated with Namastex.ai were compromised with malware exhibiting tradecraft similar to TeamPCP's CanisterWorm campaign. The attack targeted packages including @automagik/genie and pgserve, implementing install-time execution that harvests credentials, environment variables, SSH keys, cloud credentials, browser data, and crypto-wallet artifacts. The payload exfiltrates stolen data to both a conventional webhook at telemetry.api-monitor.com and an Internet Computer Protocol canister endpoint. It incorporates self-propagation logic to compromise additional npm packages using stolen publishing tokens and includes cross-ecosystem spreading capabilities targeting PyPI. The malware uses hybrid encryption with RSA and AES-256-CBC for data exfiltration. Multiple package namespaces were affected, suggesting shared infrastructure or coordinated compromise across publisher accounts.