Hackers fill GitHub with projects that hide malicious code.
Cybercriminals hide malicious code with “invisible” Unicode characters
New research from Aikido Security showed that at the beginning of March, 151 projects appeared on GitHub containing hidden spyware code. The malicious packages use Unicode characters that look like spaces or empty lines to a human reader; when the JavaScript runs normally, these characters are turned into executable byte‑code and passed to the `eval()` function.
How the attack looks
1. Library names
Packages are named after well‑known commercial solutions (e.g., “React” or “Node.js”). This tricks developers into mistakenly assuming they are safe and including them in their projects.
2. “Readable” code + hidden fragments
Most of the code appears as a normal, easily readable program. Inside, however, there are blocks filled with “invisible” characters. They are not visible during manual review, but they take effect when the code is executed.
3. Test repositories
Such malicious packages have already been found not only on GitHub but also in NPM, Open VSX and the Visual Studio Code marketplace.
Why they’re hard to spot
- Changes in projects look ordinary: version updates, bug fixes, refactoring.
- According to experts, attackers use large AI language models to automate code forgery. This allows them to quickly prepare more than 150 projects without manual effort.
History of the characters
Unicode characters corresponding to Latin letters were added to the standard decades ago. Since 2024, hackers have been using them to mask malicious requests to chat‑bots and code in repositories. Traditional static analysis tools do not detect them; only when the JavaScript runs do small decoders reveal the real byte‑code.
What developers should do
1. Check dependencies – before adding external libraries, carefully review their source code and change history.
2. Automated checks – use linters, scanners for “invisible” characters, and dynamic behavior analysis tools.
3. Update – keep an eye on whether packages are removed after download; this may indicate a hidden threat.
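A scanner for “invisible” characters of the kind item 2 recommends can be small. The following is an added example, not code from Aikido Security or from the article: it reports every run of invisible code points in a source file with its line, column and length. The list of ranges, the function names and the sample input are assumptions made for this sketch.

```javascript
// Added example: flag runs of invisible Unicode code points in source text.
// The ranges are an assumption for this sketch (code points that commonly
// render as nothing), not a list published in the research the article cites.
const INVISIBLE_RANGES = [
  [0x200b, 0x200f, 'zero-width / direction mark'],
  [0x202a, 0x202e, 'bidi embedding/override'],
  [0x2060, 0x2064, 'word joiner / invisible operator'],
  [0x2066, 0x2069, 'bidi isolate'],
  [0xfe00, 0xfe0f, 'variation selector'],
  [0xfeff, 0xfeff, 'zero-width no-break space'],
  [0xe000, 0xf8ff, 'private use area'],
  [0xe0000, 0xe007f, 'tag character'],
  [0xe0100, 0xe01ef, 'variation selector supplement'],
];

function classify(cp) {
  const hit = INVISIBLE_RANGES.find(([lo, hi]) => cp >= lo && cp <= hi);
  return hit ? hit[2] : null;
}

// One finding per run; raise minRun to ignore a lone selector after an emoji.
function scanSource(text, minRun = 1) {
  const findings = [];
  text.split(/\r?\n/).forEach((line, idx) => {
    let run = null, col = 0;
    for (const ch of line) { // iterates by code point, not UTF-16 unit
      col += 1;
      const kind = classify(ch.codePointAt(0));
      if (kind) {
        run = run || { line: idx + 1, column: col, length: 0, kinds: new Set() };
        run.length += 1;
        run.kinds.add(kind);
      } else if (run) {
        if (run.length >= minRun) findings.push(run);
        run = null;
      }
    }
    if (run && run.length >= minRun) findings.push(run);
  });
  return findings.map(f => ({ ...f, kinds: [...f.kinds].sort() }));
}

// Constructed sample: a string literal that looks empty but holds 40 code points.
const hidden = Array.from({ length: 40 }, (_, i) => String.fromCodePoint(0xfe00 + (i % 16))).join('');
const SAMPLE = ['const util = {};', `const payload = "${hidden}";`, 'module.exports = util;'].join('\n');

for (const f of scanSource(SAMPLE)) {
  console.log(`line ${f.line}, col ${f.column}: ${f.length} invisible code point(s) [${f.kinds.join(', ')}]`);
}
```

A long run inside a string literal, as in the sample, is the pattern worth blocking in CI; a single variation selector directly after an emoji is normal text.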
Prospects
If the hypothesis that AI is used in this scheme proves true, detecting and eliminating such attacks will become increasingly difficult. Nevertheless, a conscious approach to reviewing source code and dependencies remains the best defense against these threats.