91% of Malicious Open-Source Packages Now Use Sophisticated Impersonation Over Typosquatting
Sonatype analysis of 4,309 malicious packages reveals that 91% use naming-variant tactics like suffix addition and dependency confusion, moving beyond classic typosquatting to evade detection.

Attackers in open-source ecosystems have largely abandoned simple typosquatting in favor of more sophisticated package impersonation techniques, according to new research from Sonatype. The cybersecurity firm analyzed 4,309 malicious packages and found that 91% used naming-variant tactics rather than the spelling errors that traditional defenses are built to catch. Only 9% of the packages relied on classic typosquatting, marking a significant shift in supply-chain attack methodology.
The most common impersonation tactic was suffix addition, accounting for 43.6% of cases, followed by prefixes, embedded target terms, dependency-confusion patterns, and version mimicry. Rather than copying a trusted name letter-for-letter, attackers now build names that look adjacent to legitimate projects. Terms like "plugin," "config," and "sdk" rarely trigger suspicion among developers, giving attackers room to hide multi-stage behavior in plain sight.
The malicious packages are not harmless lookalikes. Sonatype found that the most common behaviors were host and secrets exfiltration, followed by droppers and backdoors, turning a routine install into a route for credential theft and follow-on compromise. React was the most-targeted ecosystem with 540 malicious packages, ahead of the ESLint plugin and config ecosystem and Tailwind's library of add-ons, with crypto and DeFi tooling also featuring heavily.
"Typosquatting is table stakes now," said Brian Fox, CTO and co-founder of Sonatype. He added that attackers are copying the language, structure, and habits of real software ecosystems, and that a malicious package may already sit on a developer machine by the time it has built a reputation. Sonatype also pointed to evidence of industrialization, with the same naming tactics, infrastructure, and identities reused across multiple package families rather than appearing as one-off attempts.
The takeaway for security teams is that typo detection and static reputation checks are no longer enough. Sonatype urged organizations to add friction for first-seen dependencies, scrutinize anything that looks framework-adjacent, and weigh naming patterns and publisher behavior before a component enters the build. Defenders should assess suspicious packages at the campaign and publisher levels, not one package at a time.
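As an added illustration (not Sonatype's tooling or any code from the research), the Python sketch below applies the naming-variant taxonomy from the analysis above to a candidate dependency name and implements the "review anything not already trusted" rule from the takeaways. The allowlist, the tactic labels and the edit-distance threshold are constructed assumptions.

```python
# Added example, not Sonatype's tooling: classify a candidate dependency name
# against an allowlist of trusted names using the naming-variant tactics the
# article lists (suffix, prefix, embedded term, dependency confusion, version
# mimicry) versus classic typosquatting. Labels and thresholds are assumptions.
import re

# Constructed allowlist; a real check would derive it from the org's lockfile baseline.
TRUSTED = {"react", "eslint-plugin-react", "tailwindcss", "@acme/internal-auth"}

def _base(name):
    """Lower-case package name with any npm scope (@org/) removed."""
    return re.sub(r"^@[^/]+/", "", name).lower()

def _levenshtein(a, b):
    """Edit distance, used only for the classic typosquatting check."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(candidate, trusted=TRUSTED):
    """Return (tactic, impersonated_name); tactic is 'trusted' or 'unrelated' if nothing matches."""
    if candidate in trusted:
        return "trusted", None
    cand = _base(candidate)
    # Longer trusted names first, so 'eslint-plugin-react-config' is a suffix
    # variant of eslint-plugin-react rather than an embedded use of 'react'.
    for t in sorted(trusted, key=len, reverse=True):
        tb = _base(t)
        if cand == tb:  # same base name under a different or missing scope
            return "dependency-confusion", t
        if re.fullmatch(re.escape(tb) + r"[-_.]?v?\d+([-_.]\d+)*", cand):
            return "version-mimicry", t
        if cand.startswith(tb + "-"):
            return "suffix", t
        if cand.endswith("-" + tb):
            return "prefix", t
        if tb in cand:
            return "embedded", t
        if _levenshtein(cand, tb) <= 2:  # classic typo, the 9% case
            return "typosquat", t
    return "unrelated", None

def triage(dependencies, trusted=TRUSTED):
    """Map each dependency to its tactic; anything not 'trusted' needs review before the build."""
    return {d: classify(d, trusted)[0] for d in dependencies}
```

Running `triage` over a constructed list such as `["react-config", "secure-react", "raect", "internal-auth"]` yields suffix, prefix, typosquat and dependency-confusion respectively. A legitimate neighbour such as `preact` also lands in "embedded", which is why the article pairs naming signals with publisher behaviour rather than blocking on names alone.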
This trend mirrors other recent supply-chain attacks, such as the "download pumping" technique where attackers artificially inflate npm download counts to trick developers into trusting malicious payloads. As open-source ecosystems continue to grow, the sophistication of impersonation tactics is likely to increase, making it essential for organizations to adopt more dynamic and behavior-based defenses.