Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages
Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages
18 November 2025
Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking service called Adspect to differentiate between real victims and security researchers to ultimately redirect them to sketchy crypto-themed sites.
The malicious npm packages, published by a threat actor named "dino_reborn" between September and November 2025, are