00:00:00This might be one of the largest NPM supply chain breaches we have ever seen,
00:00:03and no this isn't April Fools, it's just bad timing and people need to be aware of this.
00:00:07It happened in the Axios package, the HTTP client has been installed 101 million times this week
00:00:13and has over 174,000 dependents. So it's already impacted packages like Datadog,
00:00:18OpenClaw and WordPress, and it's also been linked to North Korean hackers.
00:00:22So let's just jump in and see what happened.
00:00:29So here's the story, on March 31st 2026 an attacker compromised the NPM account
00:00:34of the Axios lead maintainer and published two backdoor releases, version 1.14.1 which
00:00:39was tagged as the latest release and also version 0.30.4 which was tagged as legacy.
00:00:44In these packages they introduced a phantom dependency called plaincryptojs
00:00:48which was essentially just the normal crypto.js package but it had one small tweak,
00:00:52it had a post install script called setup.js. That means that everyone and every CI installing
00:00:58these compromised packages was also running this script. The script itself contained
00:01:02obfuscated code that was checking what operating system you were using then connecting to a server
00:01:07to download a second payload that was relevant to the operating system you're on. So nobody
00:01:12was safe from this attack and they even went so far as making sure that the Mac OS payload
00:01:16worked on both Intel and Apple Macs. And it's the second payload that is the really bad one,
00:01:20this is the rat or the remote access trojan and it works basically the same across all of the
00:01:25operating systems. First it would scan your files going through your documents, desktop
00:01:29and config folders and the Windows version was even scanning your OneDrive, AppData and every
00:01:33drive letter you had on your system and then it would send that list of files back to the server
00:01:38probably so they could check if there was something worth stealing. After that it would then start
00:01:42beaconing so every 60 seconds it was phoning home with your hostname, username, operating system,
00:01:47time zone, hardware model and a full list of every running process so the attacker could see what
00:01:52software you're running and whether you're actively using it. And if all of that doesn't sound bad
00:01:56enough the worst bit is yet to come as at any time the attacker could remotely issue four commands
00:02:00that would let them browse any directory on your system, run the arbitrary shell commands or scripts,
00:02:05drop and execute additional malware or even kill the entire process to cover their tracks. In fact
00:02:10they even made sure that the original setup script would delete itself then delete the package.json
00:02:15that had the post installed in it and replace it with a clean version to try and make this as
00:02:19undetectable as possible. So you can see this hack was really bad and it's been designed to
00:02:23target developer workstations and CI/CD runners to look for all types of secrets like .env files,
00:02:28NPM tokens, SSH keys and anything else and any system that executed these malicious payloads
00:02:34should be treated as a full credential theft scenario. On top of all of this there's also
00:02:38the mystery of how the NPM account was compromised. Maintainr noted he has two-factor auth enabled and
00:02:43his GitHub action pipelines also have auth enabled as well. So what appears to have happened is the
00:02:47packages were published using the NPM CLI using a long-lived NPM access token. So the next question
00:02:53is how they got access to that token and the maintainer even thinks that someone may have
00:02:56got his account recovery codes but how they did that is a complete mystery for now. If you want to
00:03:01see if you've been affected by any of this make sure to search your lock files for the impacted
00:03:04axios versions as well as the plain crypto.js package and also search your node modules for
00:03:09the package itself. If you see any of them unfortunately it is bad news. You can also check
00:03:14your system for some rat artifacts and I'll leave full write-ups on this link below so you can follow
00:03:18the steps as well as know what to do if you have been compromised. In the future there's also a few
00:03:22steps you can take to try and prevent these attacks and the first one is always commit your lock files
00:03:26and make sure you're using the NPM CI command instead of the NPM install command in your pipelines.
00:03:31You also want to make sure you have a minimum age set in your package manager making sure that
00:03:35packages are at least 48 hours old before being installed with the hope that any malicious ones
00:03:39are caught in time as this axios one was actually discovered and deleted three hours later. Finally
00:03:44if possible just use the ignore scripts flag when you're running NPM install or just use a package
00:03:48manager like bun which actually blocks all post install scripts by default and only runs them on
00:03:53dependencies that you specifically listed as trusted. I hope this is the largest attack that
00:03:57we see this year but we're definitely seeing more and more of them so make sure you're staying safe
00:04:01out there and let me know what you think of all of this in the comments down below
00:04:04or hit that subscribe and as always see you in the next one.