{"id":5900,"date":"2025-09-17T18:30:11","date_gmt":"2025-09-17T18:30:11","guid":{"rendered":"https:\/\/pokecon.jp\/job\/?p=5900"},"modified":"2025-09-17T18:30:11","modified_gmt":"2025-09-17T18:30:11","slug":"self-propagating-supply-chain-attack-hits-187-npm-packages","status":"publish","type":"post","link":"https:\/\/pokecon.jp\/job\/5900\/","title":{"rendered":"Self-propagating supply chain attack hits 187 npm packages"},"content":{"rendered":"\n<\/p>\n
\n

\"npm\"<\/p>\n

Security researchers have identified at least\u00a0187\u00a0npm packages compromised in an ongoing supply chain attack, with a malicious self-propagating payload to infect other packages.<\/p>\n

The coordinated worm-style campaign dubbed ‘Shai-Hulud’ started yesterday with the compromise of the @ctrl\/tinycolor<\/em> npm package, which receives over 2 million weekly downloads.<\/p>\n

Since then, the campaign has expanded significantly and now includes packages published under CrowdStrike’s npm namespace.<\/p>\n

From tinycolor<\/em> to CrowdStrike<\/h2>\n

Yesterday,\u00a0Daniel Pereira, a senior backend software engineer, alerted<\/a> the community to a large-scale software supply chain attack affecting the world’s largest JavaScript registry, npmjs.com.<\/p>\n

“There is a [sic] malware spreading live in npm as you read this,”\u00a0wrote the engineer, cautioning everyone to refrain from installing the latest versions of the @ctrl\/tinycolor<\/a><\/em> project.<\/p>\n

\n
\"Pereira's
Pereira alerting everyone to ongoing npm supply chain attack<\/strong><\/figcaption><\/figure>\n<\/div>\n

Pereira had\u00a0been\u00a0trying to<\/a> get GitHub’s attention in the last 24 hours through more discreet channels to discuss the ongoing attack as “a\u00a0lot of repos were targeted,” and disclosing the attack publicly could put people at risk.<\/p>\n

“But contacting GitHub is too hard. For instance, secrets are being exposed in repos. This is serious,” wrote the engineer.<\/p>\n

Software supply chain security firm Socket began investigating the compromise<\/a> and identified at least 40 packages that were compromised in this\u00a0campaign. Today, both\u00a0Socket\u00a0and\u00a0Aikido\u00a0researchers have identified additional packages<\/a>, bringing the count up to at least 187.\u00a0<\/p>\n

StepSecurity also published<\/a> a technical breakdown with deobfuscated snippets and attack-flow diagrams, largely\u00a0confirming Socket’s initial findings.<\/p>\n

Affected\u00a0packages include several ones published by CrowdStrike’s npmjs account\u00a0crowdstrike-publisher<\/a><\/em>.<\/p>\n

BleepingComputer reached out to the cybersecurity solutions provider for comment:<\/p>\n

“After detecting several malicious Node Package Manager (NPM) packages in the public NPM registry, a third-party open source repository, we swiftly removed them and proactively rotated our keys in public registries,” a CrowdStrike spokesperson shared with\u00a0BleepingComputer.<\/p>\n

“These packages are not used in the Falcon sensor, the platform is not impacted and customers remain protected. We are working with NPM and conducting a thorough investigation.”<\/p>\n

Self-propagating worm uses\u00a0TruffleHog to steal secrets<\/h2>\n

The compromised versions include a self-propagating mechanism that targets other packages by the same maintainer.<\/p>\n

The malware downloads each package by a maintainer, modifies its package.json<\/em>, injects a bundle.js<\/em> script (shown below), repacks the archive, and republishes it, thereby “enabling automatic trojanization of downstream packages,”\u00a0as Socket researchers explained.<\/p>\n

\n
\"bundle.js
bundle.js file downloads TruffleHog to exfiltrate secrets<\/strong> (Socket)<\/figcaption><\/figure>\n<\/div>\n

The bundle.js<\/em> script makes use of TruffleHog,\u00a0a legitimate secret scanner that can be used by\u00a0developers and security professionals to find accidentally leaked sensitive information like API keys, passwords, and tokens within code repositories and other data sources.<\/p>\n

The malicious script, however, abuses the tool to search the host for tokens and cloud credentials.<\/p>\n

“It validates and uses developer and CI credentials, creates a GitHub Actions workflow inside repositories, and exfiltrates results to a hardcoded webhook\u00a0(hxxps:\/\/webhook[.]site\/bb8ca5f6-4175-45d2-b042-fc9ebb8170b7),” explains Socket.<\/p>\n

The name ‘Shai-Hulud’ comes from the shai-hulud.yaml <\/em>workflow\u00a0<\/em>files used by\u00a0malware found in the compromised versions, and is a reference to the\u00a0giant sandworms in Frank Herbert’s\u00a0Dune<\/em><\/a> series.<\/p>\n

“While not a unique reference, its presence reinforces that the attacker deliberately branded the campaign ‘Shai-Hulud,'” stated<\/a> Socket\u00a0researchers Kush Pandya and Peter van der Zee today.<\/p>\n

The malware found in additional packages identified today is identical to the previous strand that used bundle.js<\/em> to:<\/p>\n