Dino_reborn npm malware campaign with Adspect cloaking

Related Happenings

Timeline

1. 18.11.2025 18:00 2 articles · 6mo ago

   Socket uncovers dino_reborn npm malware campaign

   Initial Disclosure

   The Socket Threat Research Team uncovered a dino_reborn campaign built around seven npm packages, including signals-embed, dsidospsodlks, applicationooks21, application-phskck, integrator-filescrypt2025, integrator-2829 and integrator-2830. The packages executed automatically, fingerprinted visitors with 13 data points, forwarded them through Adspect API cloaking, showed a white page to suspected researchers, and presented fake CAPTCHAs branded standx.com, jup.ag or uniswap.org to potential victims before redirecting them to malicious URLs. Takedown requests later placed all seven packages into security holding.

   Show sources

   • New npm Malware Campaign Redirects Victims to Crypto Sites — www.infosecurity-magazine.com — 18.11.2025 18:00
   • New npm Malware Campaign Redirects Victims to Crypto Sites — www.infosecurity-magazine.com — 18.11.2025 18:00

   Open in new tab