Cybersecurity researchers at ReversingLabs have uncovered a persistent and coordinated campaign targeting the NuGet package manager. This campaign, active since August 1, 2023 [1], aims to distribute the SeroXen RAT remote access trojan by releasing new malicious packages. The threat actors exploit NuGet’s MSBuild integrations feature to insert malicious code onto victims’ systems [4], a method never seen before in the NuGet repository.


The campaign involves the continuous release of new malicious packages that cleverly imitate popular ones. The threat actors use spaces and tabs to conceal the malicious code and artificially inflate the download counts to appear more legitimate [2]. They demonstrate persistence by continuously publishing new malicious packages, showing their commitment to sustaining this operation [4].

Recently, ReversingLabs detected three packages, ZendeskApi.Client.V2 [6], Betalgo.Open.AI [6], and Forge.Open.AI [6], that are part of the same campaign [6]. These packages employ a new code execution technique by downloading the payload from a GitHub repository instead of an attacker-controlled IP address. The attackers have evolved their techniques [6], using NuGet’s MSBuild integrations feature to execute malicious code [1] [4] [5] [6] [7]. The new code execution technique involves placing the malicious functionality inside the <packageID>.targets file in the “build” directory [6]. This technique was first observed in version 6.5.3 of the Pathoschild.Stardew.Mod.Build.Config package [6].

The ultimate goal of these decoy packages is to serve as a conduit for retrieving a second-stage .NET payload from a temporary GitHub repository [1]. The threat actor behind this campaign is meticulous and detail-oriented [3] [4], determined to keep this malicious campaign alive and active. It is worth noting that ReversingLabs quickly detected and removed these malicious packages. They are linked to a previous campaign reported by Phylum [6], which delivered the SeroXen RAT malware using PowerShell scripts [6]. The previous campaign [6], starting in August 2023 [6], included over 700 packages [6]. The malicious functionality in these packages was simple [1] [6], downloading and executing a stage 2 payload [6]. The packages were not sophisticated and were easily detected due to naming conventions and other factors [6].


The discovery of this persistent and coordinated campaign targeting the NuGet package manager highlights the need for enhanced security measures. The use of new code execution techniques and the continuous release of malicious packages demonstrate the evolving tactics of threat actors. It is crucial for organizations to remain vigilant and implement robust security measures to detect and mitigate such threats. Additionally, this campaign serves as a reminder of the importance of timely detection and removal of malicious packages to protect users from potential harm.