A series of supply chain attacks has recently targeted the npm ecosystem, impacting nearly 500 packages that together account for 132 million monthly downloads. This wave of malicious activity follows a similar incident from September, when about 200 packages were compromised, accounting for over 2 billion weekly downloads.
The latest attack, which primarily affected packages used to run JavaScript outside the browser, has been analyzed by Aikido and other cybersecurity firms. Aikido reported that 492 packages fell victim to this self-replicating worm, with more than 25,000 compromised repositories labeled “Shai-Hulud: The Second Coming.” These repositories have been found to contain sensitive information, including passwords, API keys, cloud tokens, and credentials for platforms such as GitHub and npm.
“The timing of this attack is significant, particularly in light of npm’s announcement to revoke classic tokens on December 9, following a series of supply chain breaches,” said Charlie Eriksen from Aikido. “With many users yet to transition to a more secure publishing process, the attacker seized the opportunity for one last strike before npm’s deadline.”
Impact of the Shai-Hulud Attack on Major npm Packages
Named after iconic sandworms in *Dune*, the Shai-Hulud worm is a self-replicating npm threat designed for rapid proliferation through compromised development environments. This recent attack has affected prominent npm packages from companies such as Zapier, ENS, AsyncAPI, PostHog, Browserbase, and Postman.
Once the malware infiltrates a system, it actively searches for exposed secrets—like API keys and tokens—utilizing a tool known as TruffleHog. Any sensitive information it finds is published to a public GitHub repository. Furthermore, it attempts to introduce new copies of itself to npm, facilitating its spread throughout the ecosystem while simultaneously exfiltrating valuable data back to the attacker.
If a developer unknowingly installs one of these compromised packages, the malware executes quietly during the installation process, gaining access to the developer’s machine, build systems, or cloud environments almost instantly. Should the stolen secrets include access to code repositories or package registries, attackers can leverage these to breach additional accounts and disseminate further malicious packages, exacerbating the issue.
“Given that a trusted ecosystem was implicated and millions of downloads are involved, every team utilizing npm should immediately verify if they have been affected and rotate any credentials that may be at risk,” Eriksen emphasized.
In-Depth Look at the Shai-Hulud Worm
Ashish Kurmi from Step Security provided details on this malware’s latest advancements, stating that it disguises its payload as a seemingly helpful Bun installer. The core payload, identified as bun_environment.js, is 10 MB in size and employs highly advanced obfuscation techniques.
According to Kurmi, this includes a vast hex-encoded string array filled with thousands of entries, an anti-analysis loop executing millions of arithmetic operations, and the retrieval of every string in the code through an obscured function.
The malware enhances its stealth on developer machines by forking itself into a background process and delaying full execution. The user’s terminal appears to function normally at first, but shortly thereafter the separate background process begins exfiltrating data.
“The malware executes a sophisticated, multi-layered pre-install attack targeting both CI/CD runners and developer workstations effectively,” Kurmi added. Moreover, Wiz highlighted that this malware also targets major cloud platforms—AWS, Azure, and Google Cloud Platform (GCP)—by bundling official SDKs to operate independently of the host tools.
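The install-time execution described above is the point a defender can audit before rotating credentials. The following is an added example, not code from the article or from Aikido, Step Security or Wiz: a Python script that walks a node_modules tree and flags every installed package that declares a preinstall, install or postinstall hook, or that ships a file named bun_environment.js (the payload file name the article reports). The package names and scripts in the fixture are constructed for the demonstration and are not real npm packages; in practice the scan function is pointed at a project's real node_modules directory and its findings are reviewed by hand, since many legitimate packages also declare install hooks.

```python
import json
import tempfile
from pathlib import Path

# Lifecycle hooks npm runs automatically during `npm install`; the article
# describes the worm running as a pre-install payload.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")
# File name the article gives for the worm's core payload.
PAYLOAD_NAME = "bun_environment.js"


def _is_package_root(manifest: Path) -> bool:
    """True when package.json sits directly under node_modules (or under a
    scope directory such as node_modules/@scope), i.e. it is an installed
    package's own manifest rather than a fixture buried inside one."""
    up = manifest.parent.parent
    if up.name == "node_modules":
        return True
    return up.name.startswith("@") and up.parent.name == "node_modules"


def scan_node_modules(node_modules: str) -> list[tuple[str, str]]:
    """Return (package name, reason) findings for every installed package that
    declares an install-time hook or ships a file named bun_environment.js.
    Findings are leads for review, not proof of compromise."""
    findings = []
    root = Path(node_modules)
    for manifest in root.rglob("package.json"):
        if not _is_package_root(manifest):
            continue
        try:
            pkg = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip, do not crash the scan
        name = pkg.get("name") or manifest.parent.name
        scripts = pkg.get("scripts") or {}
        for hook in INSTALL_HOOKS:
            if hook in scripts:
                findings.append((name, f"declares {hook}: {scripts[hook]}"))
        if (manifest.parent / PAYLOAD_NAME).is_file():
            findings.append((name, f"ships {PAYLOAD_NAME}"))
    return sorted(findings)


def build_fixture(base: str) -> Path:
    """Constructed sample tree standing in for a real node_modules: one clean
    package and one hypothetical package (not a real npm package) that shows
    both indicators. Returns the node_modules path."""
    nm = Path(base) / "node_modules"
    clean = nm / "clean-lib"
    clean.mkdir(parents=True)
    (clean / "package.json").write_text(json.dumps(
        {"name": "clean-lib", "version": "1.0.0",
         "scripts": {"test": "node test.js"}}))
    sus = nm / "@example" / "suspicious-lib"
    sus.mkdir(parents=True)
    (sus / "package.json").write_text(json.dumps(
        {"name": "@example/suspicious-lib", "version": "2.0.0",
         "scripts": {"preinstall": "node setup_bun.js"}}))
    # Constructed placeholder; the article describes the real file as 10 MB of obfuscated JS.
    (sus / PAYLOAD_NAME).write_text("// constructed placeholder\n")
    return nm


def demo() -> list[tuple[str, str]]:
    """Build the constructed tree in a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        return scan_node_modules(str(build_fixture(tmp)))


if __name__ == "__main__":
    for name, reason in demo():
        print(f"{name}: {reason}")
```

Running the script prints two findings for the constructed suspicious package and none for the clean one. Setting `ignore-scripts=true` in a project's `.npmrc` makes npm skip these lifecycle hooks entirely at install time, which removes the execution path the article describes; packages that genuinely need a build step then have to be handled explicitly.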
As the npm ecosystem continues to face significant threats from supply chain attacks, the urgency for developers and organizations to secure their environments cannot be overstated. Awareness of the vulnerabilities inherent in these widely-used packages is key to maintaining the integrity and safety of development cycles in today’s digital landscape.