Unveiling the Trojan: How Hackers Infiltrated the Internet’s Code Library

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers managed to steal a long-standing npm access token that belonged to the main maintainer of axios, the widely used HTTP client library in JavaScript. They utilized this token to release two tainted versions of the library, leading to the installation of a cross-platform remote access trojan on macOS, Windows, and Linux systems. The malicious packages were present on the npm registry for approximately three hours before being removed.

Axios is a highly popular library, with over 100 million downloads per week. It is integrated into about 80% of cloud and code environments, encompassing various applications from React front-ends to CI/CD pipelines to serverless functions. Huntress, a cybersecurity firm, identified the first infections just 89 seconds after the malicious release went live, confirming at least 135 compromised systems among its clients during the exposure period.

This incident marks the third significant npm supply chain breach in the last seven months, all of which exploited maintainer credentials. Despite implementing recommended security measures, the axios project fell victim to this attack.

The attacker took over the npm account of @jasonsaayman, a lead axios maintainer, changing the account email to an anonymous ProtonMail address. They then published the poisoned packages using npm’s command-line interface, bypassing the project’s GitHub Actions CI/CD pipeline entirely.

Rather than tampering with the Axios source code, the attacker introduced a new dependency, plain-crypto-js@4.2.1, to both release branches. This dependency executed a postinstall script that delivered a cross-platform RAT to the developer’s machine, erasing itself post-execution to evade detection.

The attack was meticulously planned, with a clean version of plain-crypto-js published under a separate npm account 18 hours before the malicious release. The weaponized 4.2.1 version was swiftly introduced to both release branches within 39 minutes, deploying three platform-specific payloads. The malware deleted itself after execution and replaced the package.json file to hinder forensic analysis.

Security firms StepSecurity and Socket identified the compromise, highlighting it as one of the most operationally sophisticated supply chain attacks against a top-10 npm package.

Despite having robust security measures in place, Axios was compromised because a legacy token was still active alongside the modern controls. The attacker used that token directly, sidestepping the newer security mechanisms entirely.

The maintainer expressed dismay upon discovering the compromise, emphasizing their use of 2FA/MFA on all platforms. Endor Labs detailed the contrast between legitimate and malicious axios versions, showcasing the absence of provenance in the compromised release, which would have raised immediate red flags if checked.
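The contrast Endor Labs drew, provenance present on the legitimate releases and absent on the compromised one, is cheap to turn into a gate. The following is an added example, not code from the article or from the axios project: a release check that blocks a version lacking a provenance attestation when earlier versions of the same package carried one. The registry metadata shape (`versions[ver].dist.attestations` with a `provenance.predicateType`) is assumed from what `npm view <pkg>@<ver> dist.attestations` returns, and the package name, versions and attestation URL in the sample packument are constructed.

```javascript
// Added example: a dependency gate that treats "provenance missing where earlier
// releases had it" as a blocking regression. Not code from the article or from
// the axios project.
//
// Assumed registry shape (as returned by `npm view <pkg>@<ver> dist.attestations`):
//   versions[<ver>].dist.attestations = { url, provenance: { predicateType } }
// A release published through a trusted-publishing CI workflow carries a SLSA
// provenance attestation; a release pushed from the CLI with a stolen token,
// as described above, does not.

const SLSA_PREDICATE_TYPES = new Set([
  'https://slsa.dev/provenance/v1',
  'https://slsa.dev/provenance/v0.2',
]);

// True when the version record carries a SLSA provenance attestation.
function hasProvenance(versionMeta) {
  const att = versionMeta && versionMeta.dist && versionMeta.dist.attestations;
  return Boolean(att && att.provenance && SLSA_PREDICATE_TYPES.has(att.provenance.predicateType));
}

// Decide whether `version` of the package described by `packument` may be
// installed. `requireProvenance` enforces provenance for every package; the
// regression rule (earlier releases had it, this one does not) applies regardless.
function assessRelease(packument, version, { requireProvenance = false } = {}) {
  const meta = packument.versions && packument.versions[version];
  if (!meta) return { allow: false, verdict: 'unknown-version' };
  if (hasProvenance(meta)) return { allow: true, verdict: 'provenance-present' };
  const priorHadProvenance = Object.entries(packument.versions)
    .some(([ver, m]) => ver !== version && hasProvenance(m));
  if (priorHadProvenance) return { allow: false, verdict: 'provenance-regression' };
  if (requireProvenance) return { allow: false, verdict: 'provenance-required' };
  return { allow: true, verdict: 'no-provenance-history' };
}

// Constructed packument fragment (sample data, not real registry output):
// one release with provenance, the next without.
const SAMPLE_PACKUMENT = {
  name: 'example-http-client',
  versions: {
    '1.4.0': {
      dist: {
        attestations: {
          url: 'https://registry.example/-/npm/v1/attestations/example-http-client@1.4.0',
          provenance: { predicateType: 'https://slsa.dev/provenance/v1' },
        },
      },
    },
    '1.4.1': { dist: {} },
  },
};

for (const ver of Object.keys(SAMPLE_PACKUMENT.versions)) {
  const r = assessRelease(SAMPLE_PACKUMENT, ver);
  console.log(`${SAMPLE_PACKUMENT.name}@${ver}: ${r.allow ? 'allow' : 'BLOCK'} (${r.verdict})`);
}
```

Run against a real packument (`npm view <pkg> --json`), the regression rule alone would have stopped the tainted release described here, since provenance was present on the project's earlier versions; `requireProvenance` is the stricter posture for packages whose maintainers have adopted trusted publishing.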

The incident underscores a recurring theme in npm breaches – the compromise of maintainer credentials. The npm ecosystem has witnessed multiple supply chain attacks, each exploiting stolen credentials to infiltrate widely used packages.

In response to previous breaches, npm implemented several security enhancements, including mandatory FIDO 2FA, token expiration, and OIDC Trusted Publishing. However, the fundamental vulnerability of individual maintainer accounts remains unaddressed, posing a persistent risk to the ecosystem.

Organizations utilizing Node.js are advised to treat the axios compromise as an active incident and conduct thorough assessments to ensure clean systems. Immediate actions include checking for exposure to compromised packages, rebuilding affected systems, blocking command and control servers, and hardening security measures going forward.
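The first of those actions, checking for exposure, is where a lockfile diff earns its keep. The script below is an added example, not code from the article or from the axios project. It reads a package-lock.json in the v2/v3 format and asks the questions this incident makes relevant: does any package@version match the advisory (plain-crypto-js@4.2.1 is named above; the tainted axios version numbers are not, so the `KNOWN_BAD` table leaves them to be filled in from the advisory rather than guessed), which dependencies were absent from the last known-good lockfile, which packages declare install lifecycle scripts, and which versions changed. A newly added package that runs a postinstall hook is exactly the shape of the attack described. The two lockfiles and every package name other than axios and plain-crypto-js are constructed sample data.

```javascript
// Added example: post-advisory triage of an npm lockfile (package-lock.json v2/v3).
// Not code from the article or from the axios project.
//
// A v2/v3 lockfile lists every installed package under "packages", keyed by its
// install path ("node_modules/axios", nested: "node_modules/a/node_modules/b"),
// and marks packages that declare preinstall/install/postinstall scripts with
// "hasInstallScript": true.

// Coordinates from the advisory. plain-crypto-js@4.2.1 is named in the article;
// the tainted axios versions are not, so they are left to be filled in.
const KNOWN_BAD = {
  'plain-crypto-js': new Set(['4.2.1']),
  axios: new Set([]), // add the advisory's axios versions here
};

const SEVERITY_RANK = { info: 0, medium: 1, high: 2, critical: 3 };

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function nameFromPath(lockPath) {
  const marker = 'node_modules/';
  const i = lockPath.lastIndexOf(marker);
  return i === -1 ? lockPath : lockPath.slice(i + marker.length);
}

// name -> { versions: Set<string>, hasInstallScript: boolean, paths: string[] }
function indexPackages(lock) {
  const index = new Map();
  for (const [lockPath, meta] of Object.entries(lock.packages || {})) {
    if (lockPath === '') continue; // the root project entry
    const name = nameFromPath(lockPath);
    const entry = index.get(name) || { versions: new Set(), hasInstallScript: false, paths: [] };
    entry.versions.add(meta.version);
    entry.hasInstallScript = entry.hasInstallScript || meta.hasInstallScript === true;
    entry.paths.push(lockPath);
    index.set(name, entry);
  }
  return index;
}

// Compare the current lockfile against an optional known-good one and return
// findings sorted by severity. Without a baseline, only the known-bad and
// install-script checks apply.
function triageLockfile(current, previous = null) {
  const cur = indexPackages(current);
  const prev = previous ? indexPackages(previous) : null;
  const findings = [];
  for (const [name, entry] of cur) {
    const reasons = [];
    let severity = 'info';
    const escalate = (s) => { if (SEVERITY_RANK[s] > SEVERITY_RANK[severity]) severity = s; };

    for (const v of entry.versions) {
      if (KNOWN_BAD[name] && KNOWN_BAD[name].has(v)) {
        reasons.push(`matches known-compromised release ${name}@${v}`);
        escalate('critical');
      }
    }
    const isNew = prev !== null && !prev.has(name);
    if (isNew) { reasons.push('not present in the known-good lockfile'); escalate('medium'); }
    if (entry.hasInstallScript) {
      reasons.push('declares an install lifecycle script');
      escalate(isNew ? 'high' : 'medium'); // new package + install hook is the attack shape
    }
    if (prev !== null && prev.has(name)) {
      const before = [...prev.get(name).versions].sort().join(',');
      const after = [...entry.versions].sort().join(',');
      if (before !== after) reasons.push(`version changed ${before} -> ${after}`);
    }
    if (reasons.length) findings.push({ name, versions: [...entry.versions], severity, reasons, paths: entry.paths });
  }
  return findings.sort((a, b) => SEVERITY_RANK[b.severity] - SEVERITY_RANK[a.severity]);
}

// Constructed sample lockfiles (not real project data). BEFORE is the last
// known-good state; AFTER is what an install during the exposure window could
// have produced: axios bumped, and a new dependency with an install script.
const LOCK_BEFORE = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-app', version: '1.0.0' },
    'node_modules/axios': { version: '0.0.1-example' },
    'node_modules/example-native-addon': { version: '2.0.0', hasInstallScript: true },
  },
};
const LOCK_AFTER = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-app', version: '1.0.0' },
    'node_modules/axios': { version: '0.0.2-example' },
    'node_modules/plain-crypto-js': { version: '4.2.1', hasInstallScript: true },
    'node_modules/example-native-addon': { version: '2.0.0', hasInstallScript: true },
  },
};

for (const f of triageLockfile(LOCK_AFTER, LOCK_BEFORE)) {
  console.log(`[${f.severity.toUpperCase()}] ${f.name}@${f.versions.join(',')}: ${f.reasons.join('; ')}`);
}
```

For a real run, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` as `current` and the lockfile from the last known-good commit as `previous`. Because the malware described above deleted itself and rewrote package.json, the lockfile committed to version control and the CI install logs are often the only durable record of what was pulled in; `npm audit signatures` complements this check by verifying registry signatures and attestations for what is actually installed.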

Despite npm’s efforts to enhance security post-breaches, the reliance on individual maintainer accounts as the primary trust anchor presents an ongoing challenge. The community must prioritize mitigating credential-related risks through measures such as mandatory provenance attestation and multi-party signing to safeguard against future supply chain attacks.

In conclusion, the axios supply chain compromise serves as a stark reminder of the critical role of maintaining secure credentials in safeguarding the integrity of open-source software ecosystems. Vigilance, proactive security measures, and collective industry efforts are essential to mitigate the risks posed by supply chain attacks.