IronWorm and New Miasma Worm Variant Strike npm Ecosystem in Coordinated Supply Chain Attacks

Recent activity in the npm ecosystem has revealed a series of coordinated software supply chain attacks that rely on both outright malicious packages and poisoned versions of over 50 legitimate ones. The attacks have been attributed to threat actors deploying a Rust-based information stealer and a self-replicating worm, and they show how little stands between a compromised maintainer account and code execution on every machine that installs the package.

Overview of the Attacks

The information stealer, dubbed IronWorm, is designed to extract sensitive information from developers’ machines. According to JFrog, the malware “scrapes every secret it can find on a developer’s machine, hides behind an eBPF kernel rootkit, and answers to its operator over Tor.” It does not just collect credentials: it uses them to spread further, much as the Shai-Hulud worm did.

The attacks have been traced to a compromised npm account named asteroiddao, which published package versions carrying a Rust ELF binary and a preinstall hook that executes it, so the payload runs while npm install is still processing the package, before any of the package’s JavaScript is ever imported. The malware targets 86 environment variables and various files that may hold credentials for platforms such as OpenAI Codex, AWS, Docker, and Kubernetes.

Technical Mechanisms of IronWorm

One notable detail of IronWorm’s design is that it avoids targeting the threat actor’s own cryptocurrency wallet, which at the time of writing remains empty. JFrog characterizes IronWorm as “a supply chain weapon built to find secrets, modify projects, and inject malicious code to self-propagate across GitHub.” The malicious commits span nine GitHub organizations and carry the author name “claude,” an apparent attempt to pass as Anthropic’s AI assistant.

The malware uses the credentials of ocrybit, a member of the asteroid-dao GitHub organization, to push malicious commits to every repository those credentials can reach. The commits plant the malware in other packages, which can then be published and infect further developers. The malware can also modify GitHub Actions workflows to harvest secrets and upload them as build artifacts, so exfiltration needs no external command-and-control (C2) server: the stolen secrets leave through GitHub’s own artifact storage.

The Emergence of the New Miasma Worm Variant

Alongside IronWorm, a separate supply chain attack campaign has been identified that compromised 57 npm packages across more than 286 malicious versions. This campaign delivers a new variant of the Miasma worm, which previously infected 32 packages under the @redhat-cloud-services npm namespace in just 72 seconds.

Some of the affected packages include:

  • ai-sdk-ollama
  • autotel
  • awaitly
  • effect-analyzer
  • eslint-plugin-awaitly
  • executable-stories-cypress
  • http-uploader-dev
  • mountly
  • node-env-resolver
  • node-env-resolver-aws

The stolen data is exfiltrated to a now-inaccessible GitHub account, liuende501, which served as an exfiltration point for 236 repositories. It remains unclear whether GitHub has removed the account or if the threat actor deleted it.

Advanced Techniques and Evasion Strategies

The Miasma worm variant uses a technique referred to as “Phantom Gyp” to slip past controls that only inspect lifecycle scripts. Instead of declaring a preinstall or postinstall script, the attacker ships a 157-byte binding.gyp file. npm treats a package that contains binding.gyp but declares no install or preinstall script as a native addon and runs node-gyp rebuild for it by default, so code executes during npm install even though package.json shows no install script at all. Controls that only look at the scripts field therefore miss it, which is why the recommendations below cover native rebuilds as well as declared install scripts.

The attack chain downloads and installs the Bun JavaScript runtime, then uses it to load a credential harvester that extracts secrets for platforms including AWS, Google Cloud, and Microsoft Azure. The malware also injects persistent backdoor files into project repositories; these files execute whenever a developer opens the project in an AI-assisted IDE, so the compromise survives a clean reinstall of dependencies and travels with the repository.

Recommendations for Developers

Developers who may have installed affected versions should rotate every credential those machines held and disable install scripts and native rebuilds by default, for example by setting ignore-scripts=true in the project or user .npmrc and rebuilding the few native modules that genuinely need it by hand after review. Pinning dependencies through a lockfile with integrity hashes and installing with npm ci, which refuses to proceed when the lockfile and package.json disagree, also narrows the window in which a freshly poisoned version can slip in.

In a recent update, Red Hat disclosed that the root cause of the Miasma supply chain incident likely stemmed from a compromised GitHub account used to push unauthorized commits to repositories in the RedHatInsights GitHub organization. The malware operates across multiple platforms, dynamically downloading the appropriate Bun runtime for each system, with a particular focus on Linux CI/CD runners.

The Miasma payload is considered a derivative of the Shai-Hulud worm, previously utilized by TeamPCP in recent campaigns. While the underlying functionality remains similar, the latest attacks display significant adaptations, complicating attribution efforts.

Conclusion

The emergence of IronWorm and the new Miasma worm variant underscores the growing sophistication of supply chain attacks against the npm ecosystem: install-time execution without a declared script, propagation through stolen GitHub credentials, and exfiltration through CI artifacts rather than a C2 server. Developers and organizations need controls that assume a dependency can be hostile at install time, not only at runtime.

Source: thehackernews.com
