Feed
HighPublished 15 Apr 20261 package · 5 versions

@kindo/selfbot npm package delivers XWorm RAT via 5-stage Astral Warfare chain

Summary

JFrog identified @kindo/selfbot (XRAY-964727), a video-game-themed Discord selfbot npm package. A 5-stage chain (JS downloader → 250KB obfuscated batch → PowerShell process injection → XOR-decoded shellcode → XWormClient .NET RAT) installed itself against explorer.exe with AMSI/ETW evasion.

typosquatinfostealercredential-theftobfuscation
Detected by
JFrog
Also known as
Astral Warfare · Astral Injection
Ecosystems
npm
Packages tracked
1

What happened

JFrog flagged @kindo/selfbot (XRAY-964727) on 15 April 2026 — a video-game-themed Discord selfbot npm package distributed alongside a fake indie game branded "Astral Warfare" at astralwarfare.fr. Distribution leans on social engineering through hijacked Discord accounts: contacts of compromised users receive a "Would you test my new game?" pitch directing them to the site.

The execution chain runs five stages:

  1. JS downloader stub in @kindo/selfbot.
  2. A ~250KB obfuscated batch script (SHA-256 0b2ce48e4be6a6be85565ce309d2f10cc1b3179a03d25a61f66c6b50fe37b010).
  3. PowerShell process-injection loader (SHA-256 7a8cef4bfa1ca9c24be4886136c30402d4433310283aee22e2da67cbb938b3a9) with AMSI / ETW evasion targeting explorer.exe.
  4. XOR-decoded shellcode (SHA-256 1255d41081452cd8fa2358860449bbf3b3494b80282e2bb4ba6b6980ceaf9be1).
  5. XWormClient .NET RAT v7.4 (SHA-256 c26f8d09e0486aacba414f04c310c6532541d2cdf3f40d95e3fe224d9b77e0a6), C2 185.94.29.43:7004, protocol separator <Xwormmm>.

XWorm 7.4 ships the usual capability set — RCE, DDoS, screenshot, USB propagation, plugin loader, window monitoring — and persists via a scheduled task named applicationbackup_* plus an IntelDriver directory under C:\ProgramData. Developers who installed @kindo/selfbot should treat Discord tokens, npm tokens, SSH keys and any cloud / DB credentials reachable from the workstation as exposed.

Affected packages (1)

  • npm@kindo/selfbot
    1.0.01.0.11.0.21.0.31.0.4

Impact

  • Full RAT capabilities: RCE, DDoS, screenshot, plugin loading
  • Persistence via scheduled task applicationbackup_*
  • Discord, npm, SSH and cloud credential exposure for developers who installed

What to do

  1. 1Uninstall @kindo/selfbot, purge node_modules, set npm config set ignore-scripts true
  2. 2schtasks /delete /tn "applicationbackup_*" /f and remove IntelDriver dirs under C:\ProgramData
  3. 3Rotate Discord tokens, npm tokens, cloud and DB credentials
  4. 4Block astralwarfare.fr and 185.94.29.43 at egress

References

npm-2026-04-15-kindo-selfbot-xworm