A compromised maintainer account turns a trusted JavaScript library into a stealth malware delivery channel across developer environments
CyberShelter Threat Intelligence has identified a critical software supply chain attack targeting the widely used Axios npm package.
Attackers compromised a maintainer account and published malicious versions containing a Remote Access Trojan (RAT) dropper. As a result, developers and CI/CD pipelines installing these versions unknowingly executed malware.
Because Axios is deeply embedded in modern applications, this attack poses a critical risk to developers, enterprises, and software supply chains.
Threat Overview
- Threat Type: Software Supply Chain Attack
- Target: Axios npm package
- Severity: Critical
- Platforms Affected: Windows, Linux, macOS
- Initial Access: Compromised maintainer account
- Execution Method: Post-install script
- Impact: RAT deployment and system compromise
Key Threat Characteristics
This campaign demonstrates advanced attacker techniques:
- Maintainer credential compromise
- CI/CD pipeline bypass
- Dependency injection
- Automatic execution via post-install scripts
- Cross-platform malware deployment
- Anti-forensic cleanup to evade detection
Unlike typical attacks, this one directly targets developer workflows and trusted package ecosystems.
Affected Packages
Malicious Versions
- axios@1.14.1
- axios@0.30.4
- plain-crypto-js@4.2.1 (injected dependency used as RAT dropper)
Safe Versions
- axios@1.14.0
- axios@0.30.3
Attack Chain Explained
Step 1: Initial Compromise
Attackers gained access to the npm maintainer account. Then, they:
- Changed account email
- Published malicious package versions
- Injected a hidden dependency
Step 2: Installation
A developer or CI/CD pipeline installs the compromised package version.
Because npm executes scripts automatically, the attack begins immediately.
Step 3: Payload Execution
The post-install script runs a malicious file (setup.js). As a result:
- The system connects to attacker-controlled infrastructure
- A platform-specific payload is downloaded
Step 4: RAT Deployment
The malware installs a cross-platform Remote Access Trojan, allowing attackers to:
- Control the system remotely
- Steal credentials and tokens
- Access code repositories
Step 5: Anti-Forensics
After execution, the malware:
- Deletes traces of installation
- Cleans artifacts
- Restores package files
Therefore, detection becomes significantly harder.
Indicators of Compromise (IOC Highlights)
Network Indicators
- Domain: sfrclak[.]com
- IP: 142.11.206.73
File Indicators
- Linux: /tmp/ld.py
- macOS: /Library/Caches/com.apple.act.mond
- Windows: %PROGRAMDATA%wt.exe
Behavioral Indicators
- Unexpected npm post-install activity
- Unknown dependencies in projects
- Suspicious outbound connections
Risk Impact
Developer-Level Impact
- Workstation compromise
- Credential theft
- Unauthorized repository access
Enterprise-Level Impact
- CI/CD pipeline compromise
- Exposure of API keys and secrets
- Cloud credential theft
- Software supply chain poisoning
Because developers act as trusted entry points, this attack can spread quickly across organizations.
CyberShelter Recommendations
Immediate Actions (Critical)
- Remove malicious package versions immediately
- Downgrade to safe Axios versions
- Delete the plain-crypto-js dependency
Assume Compromise Protocol
If affected versions were installed:
- Rotate API keys and tokens
- Rotate SSH keys
- Reset environment credentials
- Audit developer systems
Security Enhancements
- Implement dependency verification tools (SCA)
- Enforce MFA for maintainers
- Restrict CI/CD pipeline permissions
- Monitor package changes and anomalies
- Apply Zero Trust principles in development environments
Strategic Insight
This attack highlights a critical shift:
Attackers no longer target applications directly—they target the software supply chain.
By compromising a trusted package, attackers can:
- Reach thousands of systems instantly
- Bypass traditional security controls
- Embed themselves into development workflows
Organizations must treat dependencies as untrusted inputs, not trusted components.
Because in modern software development,
one compromised package can compromise an entire ecosystem.