Article Details

Scrape Timestamp (UTC): 2025-12-22 22:13:17.198

Source: https://www.theregister.com/2025/12/22/whatsapp_npm_package_message_steal/

Original Article Text


Poisoned WhatsApp API package steals messages and accounts

And it's especially dangerous because the code works.

A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp accounts.

According to Koi Security, the lotusbail npm package has been available for download for six months, and it's especially dangerous because the code works.

"This one actually functions as a WhatsApp API," Koi Security researcher Tuval Admoni said in a Sunday blog. "It's based on the legitimate Baileys library and provides real, working functionality for sending and receiving WhatsApp messages."

In addition to working as advertised, the secret-stealing library, which is a fork of the legitimate @whiskeysockets/baileys package, uses WebSocket to communicate with WhatsApp. However, this means that every WhatsApp communication passes through the socket wrapper, allowing it to capture your credentials when you log in and intercept messages as they are sent and received.

"All your WhatsApp authentication tokens, every message sent or received, complete contact lists, media files - everything that passes through the API gets duplicated and prepared for exfiltration," Admoni wrote.

The malware also uses a custom RSA implementation to encrypt the data, plus four layers of obfuscation - Unicode manipulation, LZString compression, Base-91 encoding, and AES encryption - before sending the stolen info to an attacker-controlled server.

Plus, it backdoors the user's WhatsApp account via the chat app's device pairing process, linking the attacker's device to the victim's. This means even after uninstalling the malicious npm package, the attacker's device can remain linked to the unknowing user's WhatsApp account.
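One defensive check a team depending on Baileys could run, as an added example that is not from the article or from Koi Security: a small Node.js audit of a package-lock.json (lockfileVersion 2 or 3) that flags the lotusbail package named above and any other Baileys-named dependency that is not the legitimate @whiskeysockets/baileys. The lockfile contents, the version numbers and the look-alike name "example-baileys-fork" are constructed for the example.

```javascript
// Added example: audit an npm lockfile for the lotusbail package and for
// Baileys look-alikes. Not code from the article or from Koi Security.
const KNOWN_MALICIOUS = new Set(["lotusbail"]); // name reported in the article
const LEGIT_BAILEYS = "@whiskeysockets/baileys"; // upstream package the fork copies

// Lockfile keys look like "node_modules/a/node_modules/@scope/b";
// the package name is everything after the last "node_modules/".
function packageNameFromPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? lockPath : lockPath.slice(idx + marker.length);
}

// Walk every installed package in the lockfile and return findings.
function auditLockfile(lock) {
  const findings = [];
  for (const [lockPath, meta] of Object.entries(lock.packages || {})) {
    if (lockPath === "") continue; // "" is the root project entry, not a dependency
    const name = meta.name || packageNameFromPath(lockPath);
    if (KNOWN_MALICIOUS.has(name)) {
      findings.push({ name, version: meta.version, path: lockPath,
        reason: "known malicious package (Baileys fork with exfiltration)" });
    } else if (/baileys/i.test(name) && name !== LEGIT_BAILEYS) {
      findings.push({ name, version: meta.version, path: lockPath,
        reason: `Baileys-named package that is not ${LEGIT_BAILEYS}; verify its origin` });
    }
  }
  return findings;
}

// Constructed sample lockfile (versions and the fork name are invented).
const SAMPLE_LOCK = {
  name: "whatsapp-bot", lockfileVersion: 3,
  packages: {
    "": { name: "whatsapp-bot", dependencies: { lotusbail: "^6.7.0" } },
    "node_modules/lotusbail": { version: "6.7.0" },
    "node_modules/@whiskeysockets/baileys": { version: "6.7.0" },
    "node_modules/example-baileys-fork": { version: "1.0.0" }, // hypothetical
    "node_modules/ws": { version: "8.17.0" },
  },
};

for (const f of auditLockfile(SAMPLE_LOCK)) {
  console.log(`${f.reason}: ${f.name}@${f.version} at ${f.path}`);
}
```

In a real project, replace SAMPLE_LOCK with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))`; the lockfile check does not undo the device-pairing backdoor the article describes, so affected accounts still need their linked devices reviewed in WhatsApp.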
This latest poisoned package illustrates the ever-growing supply chain risk and follows several cases of cryptocurrency, credential and other secret-stealing npm libraries, plus bots flooding the registry with spammy packages in massive token farming campaigns. The Register recently spoke with Tea co-founder and CEO Tim Lewis about these incidents after more than 150,000 malicious npm packages, all linked to a Tea token farming campaign, forced the founders to shut down the incentive program's rewards and redesign the protocol ahead of its mainnet launch in early 2026.

"I view this as a canary in the coal mine," Lewis said. "When you are a destructive organization ... there's incentive to use this same technique to attack [supply chains]. So we need to fix the core."

Daily Brief Summary

MALWARE // Malicious npm Package Exploits WhatsApp API for Data Theft

A malicious npm package, "lotusbail," has been downloaded over 56,000 times, posing as a legitimate WhatsApp Web API library, compromising user data and account security.

The package operates as a fork of the Baileys library, providing genuine WhatsApp messaging functionality while secretly capturing and exfiltrating user credentials and communications.

Stolen data includes authentication tokens, messages, contact lists, and media files, all encrypted with a custom RSA implementation and multiple obfuscation layers before reaching attacker-controlled servers.

The malware exploits WhatsApp's device pairing process, allowing attackers to maintain access to user accounts even after the package is uninstalled.

This incident underscores the growing supply chain risks in software development, following previous cases of secret-stealing npm libraries and token farming campaigns.

In response to these threats, stakeholders are urged to enhance supply chain security protocols to prevent similar vulnerabilities and protect user data integrity.

The incident serves as a warning for organizations to scrutinize third-party libraries and implement robust security measures to safeguard against such threats.