Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

5 2 minutes read

Attackers recently carried out a sophisticated supply chain attack by stealing a long-lived npm access token belonging to the lead maintainer of axios, the widely used HTTP client library in JavaScript. Two poisoned versions of axios were published using the stolen token, containing a cross-platform remote access trojan that targeted macOS, Windows, and Linux systems. These malicious releases were live on the npm registry for approximately three hours before they were removed.

Axios, which receives over 100 million downloads per week, is a crucial component in about 80% of cloud and code environments. The attack was swiftly detected by security firms such as Wiz and Huntress, with the latter confirming at least 135 compromised systems among its customers during the short exposure window.

This incident marks the third major npm supply chain compromise in the past seven months, all of which have exploited maintainer credentials. Despite axios implementing various security defenses recommended by the community, the attackers were able to bypass them.

The attacker gained access to the npm account of @jasonsaayman, a lead axios maintainer, and published the malicious packages through npm’s command-line interface, avoiding the project’s GitHub Actions CI/CD pipeline. The poisoned versions of axios did not tamper with the source code but included a new dependency, plain-crypto-js@4.2.1, which ran a postinstall script to install the remote access trojan on developers’ machines.

The meticulous staging of the attack involved publishing a clean version of plain-crypto-js under a separate npm account to evade detection before releasing the weaponized version. The malware erased itself after execution and replaced package.json to hinder forensic analysis.

Despite axios implementing security measures such as OIDC Trusted Publisher mechanism and SLSA provenance attestations, the attackers were able to exploit a gap in the system. The legacy token used for authentication during publishing took precedence over the newer security measures, allowing the attacker to bypass them effortlessly.

The incident highlights the recurring theme of credential compromise in npm breaches. The npm ecosystem has made significant security enhancements following previous supply chain attacks, but the reliance on maintainer credentials as the primary trust anchor remains a vulnerability.

In response to the incident, SOC leaders are advised to conduct impact assessment, containment, patching, and transparent reporting to prevent future attacks. Organizations running Node.js should check for exposure to the compromised versions of axios, assume compromise if found, block the Command and Control (C2) servers, check for Remote Access Trojan artifacts, and implement additional security measures in their CI/CD workflows.

The incident underscores the need for structural changes in the npm security model to eliminate the reliance on individual maintainer credentials as the ultimate trust anchor. Mandatory provenance attestation and multi-party signing are proposed as potential solutions to enhance security in the npm ecosystem.

In conclusion, the axios supply chain compromise serves as a wake-up call for the npm community to prioritize security enhancements that address the root cause of credential vulnerabilities. By implementing robust security measures and eliminating legacy authentication mechanisms, the npm ecosystem can better protect against future supply chain attacks.