According to TheRegister.com, a malicious npm package named ‘lotusbail’ has been downloaded more than 56,000 times over the past six months while masquerading as a WhatsApp Web API. The package, discovered by Koi Security researcher Tuval Admoni, is a fork of the legitimate Baileys library and actually provides real, working functionality for sending and receiving messages. However, it secretly captures every piece of data that passes through it, including authentication tokens, all messages, complete contact lists, and media files. The stolen data is then encrypted with multiple layers of obfuscation before being sent to an attacker-controlled server. Even worse, the package backdoors the user’s WhatsApp account via device pairing, allowing an attacker’s device to remain linked even after the malicious code is removed.
Why this one is so scary
Here’s the thing that makes this attack particularly nasty: the package works as advertised. It’s not just a stub or a broken piece of code that would raise immediate red flags. As Admoni pointed out, it’s a fully functional API. So a developer looking for a quick way to integrate WhatsApp messaging into their project might test it, see it sends and receives messages perfectly, and then integrate it deeper. And that’s when the trap springs. Every single interaction is being mirrored. It’s the perfect wolf in sheep’s clothing because the sheep part is completely real.
The permanent backdoor problem
But the data theft is only half the story. The real long-term damage is the account hijacking. By abusing WhatsApp’s device pairing, the malware links the attacker’s phone to your account. Think about that. You could uninstall the npm package, scrub your project, and think you’re clean. Meanwhile, some stranger’s device is still receiving all your messages and could be impersonating you. It’s a persistent, silent compromise that lives far beyond the initial infection, which means cleanup has to reach the account’s paired devices, not just the code. How many of those 56,000 downloads have led to permanently compromised accounts? There’s no easy way to know.
A supply chain crisis in miniature
This incident is a textbook example of the software supply chain attacks that keep security experts up at night. Developers, especially under pressure, rely on open-source packages to build faster. We trust the ecosystem. But as Tea CEO Tim Lewis told The Register, this is a “canary in the coal mine.” When a package registry like npm is flooded with malicious packages—whether for token farming or, as in this case, outright espionage—the foundational trust crumbles. Every imported library becomes a potential threat vector. For enterprises, this means any internal tool or application built with a poisoned package could be leaking sensitive communications on a massive scale. It’s a nightmare for compliance and security teams.
What now for developers?
So what’s the fix? There’s no single solution. It requires a shift in behavior: more scrutiny of dependencies, even seemingly legitimate ones. Software composition analysis (SCA) tools are becoming a necessity rather than a luxury. And platforms like npm face immense pressure to improve vetting, though that’s a monumental task given the scale. Basically, the era of blindly `npm install`-ing anything that looks handy is over. The lotusbail package proves the threat isn’t confined to theoretical or crude, broken malware. It’s polished, effective, and hiding in plain sight. The core of open-source collaboration is being weaponized, and fixing that is the daunting challenge ahead.
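As an added illustration of the dependency scrutiny this paragraph calls for, here is a small pre-install review script written for this page (it is not code from the article, from Koi Security, or from the lotusbail or Baileys projects). It reads a package.json and the matching package-lock.json and flags three things a reviewer would want to see before a build runs: dependencies that are not on the team’s reviewed allowlist, names that resemble a well-known package (a typo-distance match, or a borrowed root such as the “bail” in lotusbail), and packages whose lock entry carries npm’s `hasInstallScript` flag, meaning they run code at install time. The sample manifest, lock excerpt, allowlist and watched-name list are all constructed for the example; only the lock-file field name is real npm metadata.

```javascript
'use strict';

// Constructed sample package.json, modelled on the scenario in the article:
// a project that pulled in the fork instead of the real library.
const SAMPLE_PACKAGE_JSON = {
  name: 'chat-bot',
  dependencies: { lotusbail: '^6.7.0', express: '^4.19.0' },
};

// Constructed package-lock.json excerpt (lockfileVersion 3 layout).
// npm records hasInstallScript when a package declares preinstall/install/
// postinstall hooks, which execute arbitrary code during installation.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'chat-bot' },
    'node_modules/lotusbail': { version: '6.7.0', hasInstallScript: true },
    'node_modules/express': { version: '4.19.2' },
  },
};

// Hypothetical allowlist: packages the team has already reviewed. Anything
// outside this set is "new" and gets a human look before it reaches a build.
const ALLOWLIST = new Set(['express', '@whiskeysockets/baileys']);

// Hypothetical watch list: well-known names whose brand a squatter or forker
// is likely to borrow.
const WATCHED_NAMES = ['baileys', 'express', 'lodash', 'axios'];

// Plain Levenshtein edit distance, single-row dynamic programming.
function levenshtein(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = above;
    }
  }
  return row[b.length];
}

// "@org/name" -> "name", so scoped and unscoped names compare on equal terms.
function bareName(name) {
  return name.startsWith('@') ? name.slice(name.indexOf('/') + 1) : name;
}

// Returns the watched name this package resembles, or null.
// Two heuristics: a typo-distance match (expres -> express) and a borrowed
// root (lotusbail carries "bail" from baileys). The second is deliberately
// noisy; it is a prompt for review, not a verdict.
function findLookalike(name) {
  const bare = bareName(name);
  for (const watched of WATCHED_NAMES) {
    if (bare === watched) continue;
    const root = watched.slice(0, 4);
    if (levenshtein(bare, watched) <= 2 || bare.includes(root)) return watched;
  }
  return null;
}

// Reviews every direct dependency and returns { name: [finding, ...] } for
// those that need attention. An empty object means nothing was flagged.
function reviewDependencies(pkgJson, lock, allowlist) {
  const deps = { ...(pkgJson.dependencies || {}), ...(pkgJson.devDependencies || {}) };
  const findings = {};
  for (const name of Object.keys(deps)) {
    const notes = [];
    if (!allowlist.has(name)) notes.push('not on reviewed allowlist');
    const lookalike = findLookalike(name);
    if (lookalike) notes.push(`name resembles well-known package "${lookalike}"`);
    const entry = lock && lock.packages ? lock.packages[`node_modules/${name}`] : undefined;
    if (entry && entry.hasInstallScript) notes.push('declares install lifecycle script');
    if (notes.length) findings[name] = notes;
  }
  return findings;
}

// Print the report for the constructed sample. In the sample only lotusbail
// is flagged, with all three findings; express passes clean.
const report = reviewDependencies(SAMPLE_PACKAGE_JSON, SAMPLE_LOCK, ALLOWLIST);
for (const [name, notes] of Object.entries(report)) {
  console.log(`${name}:\n  - ${notes.join('\n  - ')}`);
}
```

In a CI pipeline the job would read the real package.json and package-lock.json from disk, run `reviewDependencies`, and fail the build whenever the report is non-empty so a person has to sign off on each flagged package. None of the three heuristics proves a package is malicious; their job is to stop an unreviewed, lookalike or install-hooking dependency from reaching production unnoticed, which is exactly the gap a functional trojan like this one exploits.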
