@Qqbrowser/Openclaw-Qbot
A JavaScript package on the npm registry, version 0_0_130, compromised by UNC1069 in the May 2026 WAVESHAPER campaign expansion
Last refreshed: 20 May 2026 · Appears in 1 active topic
Is @qqbrowser/openclaw-qbot affiliated with Tencent's QQ Browser, or is it DPRK namespace mimicry?
Timeline for @qqbrowser/openclaw-qbot
Mentioned in: UNC1069 expands the npm WAVESHAPER supply chain
Cybersecurity: Threats and DefencesIs @qqbrowser/openclaw-qbot a legitimate npm package or is it malware?
What does the WAVESHAPER.V2 backdoor installed by @qqbrowser/openclaw-qbot do?
How does UNC1069 use namespace mimicry to distribute malware through npm?
Background
`@qqbrowser/openclaw-qbot` (version 0_0_130, rendered in the npm registry with underscores for directory naming) is an npm registry package confirmed by GTIG as a second expansion of UNC1069's WAVESHAPER.V2 backdoor campaign in May 2026. Alongside `@shadanai/openclaw`, it extends the distribution reach of the same malicious payload first documented in the April 2026 Axios supply-chain compromise . The package is registered under the `@qqbrowser` scoped namespace, a name chosen to evoke the QQ Browser product maintained by Tencent, exploiting developer recognition of browser-adjacent tooling namespaces. Any developer or automated build pipeline that installs `@qqbrowser/openclaw-qbot@0.0.130` without integrity verification executes the WAVESHAPER.V2 payload.
The `@qqbrowser` namespace has no confirmed affiliation with Tencent's QQ Browser product. Its use is consistent with UNC1069's observed pattern of namespace mimicry, registering names adjacent to known developer brands to reduce installation friction. This technique is a variant of dependency confusion, in which a package name resembles a legitimate internal or popular dependency closely enough that automated installers or inattentive developers install it without verification.
The WAVESHAPER.V2 backdoor carried by this package provides remote access, data exfiltration capability, and persistence mechanisms identical to those documented in the Axios campaign. The download volume for `@qqbrowser/openclaw-qbot` is small relative to mainstream npm packages. The broader significance is structural: UNC1069 has now demonstrated the ability to register multiple scoped namespaces on npm within a single campaign window, distributing the same payload across three separate package names to reduce the impact of any single takedown.