Axios NPM Distribution Compromised in Supply Chain Attack
An unknown threat actor compromised the npm account of an axios maintainer, publishing two malicious versions of the package. These versions introduced a dependency on plain-crypto-js, a newly created malicious package. Despite quick removal, axios's widespread usage led to rapid exposure. The malicious package includes a dropper that downloads and executes platform-specific second-stage payloads, functioning as remote access trojans. These payloads can execute remote shells, inject binaries, browse directories, list processes, and perform system reconnaissance. Organizations are advised to audit their environments, remove malicious artifacts, rotate exposed credentials, investigate potential compromise paths, and monitor for suspicious activity.
AI Analysis
Technical Summary
This threat involves a supply chain compromise of the popular Axios npm package, widely used in JavaScript and Node.js development. An unknown threat actor gained access to the npm account of an Axios maintainer and published two malicious versions of the package. These versions introduced a dependency on a newly created malicious package named plain-crypto-js. The malicious package functions as a dropper that downloads and executes platform-specific second-stage payloads, which are remote access trojans (RATs). These RATs provide attackers with capabilities such as executing remote shells, injecting binaries into processes, browsing file directories, enumerating running processes, and performing system reconnaissance. The attack chain involves credential compromise of the maintainer’s npm account, enabling the attacker to publish malicious code under a trusted package name, thereby increasing the likelihood of widespread infection due to Axios's popularity. Although the malicious versions were quickly removed from the npm registry, the rapid adoption and integration of Axios in many projects led to significant exposure. The threat actor’s use of a newly created malicious dependency complicates detection, as it may not be flagged by traditional supply chain security tools. The attack techniques correspond to several MITRE ATT&CK tactics and techniques, including persistence, defense evasion, execution, and command and control. No CVE identifier or known exploits in the wild have been reported at the time of this analysis. The attack highlights the risks of compromised developer credentials and the importance of securing software supply chains.
Potential Impact
The impact of this supply chain attack is significant due to Axios's widespread use in web and server-side applications globally. Organizations using affected Axios versions risk remote compromise through the installed malicious dependency, potentially leading to unauthorized remote shell access, data exfiltration, lateral movement, and persistent footholds within networks. The attacker’s ability to inject binaries and perform system reconnaissance increases the risk of further exploitation and tailored attacks. This can result in data breaches, intellectual property theft, operational disruption, and reputational damage. The attack also undermines trust in open-source software supply chains, potentially affecting development workflows and increasing operational costs due to required audits and remediation. Although no active exploitation campaigns are currently known, the potential for rapid exploitation remains high given the ease of dependency inclusion in modern development. Organizations that fail to detect and remediate this compromise may face prolonged exposure and elevated risk of secondary attacks.
Mitigation Recommendations
Organizations should take the following steps:
- Immediately audit software dependencies to identify any use of the malicious Axios versions or the plain-crypto-js package.
- Remove all instances of these malicious packages from development, build, and production environments.
- Rotate all credentials that may have been exposed or used in compromised build or deployment pipelines, including npm accounts and related developer credentials.
- Implement strict access controls and multi-factor authentication (MFA) for all package repository accounts to prevent future credential compromises.
- Monitor network traffic and endpoint logs for indicators of compromise, such as connections to the domain sfrclak.com or execution of suspicious binaries matching the provided hashes.
- Employ software composition analysis (SCA) tools to detect unauthorized or malicious dependencies proactively.
- Conduct thorough forensic investigations to identify potential lateral movement or persistence established by the attacker.
- Educate development teams on supply chain risks and enforce policies to verify package integrity and provenance before inclusion.
- Consider implementing automated alerts for unexpected dependency changes and use cryptographic signing of packages where supported.
- Maintain up-to-date incident response plans tailored to supply chain compromise scenarios.
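The three audit steps that can be automated (finding the plain-crypto-js dependency edge in a lockfile, checking files against the published payload hashes, and searching logs for the C2 domain) are shown below as an added example written for this page; it is not OffSeq's, AlienVault's or the axios project's own tooling. It assumes a package-lock.json in lockfileVersion 2/3 layout (flat "packages" map) or lockfileVersion 1 layout (nested "dependencies" tree); the sample lockfiles, file contents and log lines are constructed. The hashes and domain are the ones listed under Indicators of Compromise on this page. The page does not name the two malicious axios version numbers, so the script flags axios by its dependency on plain-crypto-js rather than by version.

```python
"""Audit an npm project for the indicators named in this advisory.

Added example for this page; not OffSeq's, AlienVault's or the axios
project's own tooling. Assumes package-lock.json in lockfileVersion 2/3
layout (flat "packages" map keyed by node_modules path) or lockfileVersion 1
layout (nested "dependencies" tree). Sample data at the bottom is constructed.
"""
import hashlib
from pathlib import Path

MALICIOUS_PACKAGE = "plain-crypto-js"   # dependency introduced by the malicious axios releases
MALICIOUS_DOMAIN = "sfrclak.com"        # C2 domain listed under Indicators of Compromise
IOC_SHA256 = {                          # second-stage payload hashes listed on this page
    "58401c195fe0a6204b42f5f90995ece5fab74ce7c69c67a24c61a057325af668",
    "59336a964f110c25c112bcc5adca7090296b54ab33fa95c0744b94f8a0d80c0f",
    "5bb67e88846096f1f8d42a0f0350c9c46260591567612ff9af46f98d1b7571cd",
    "617b67a8e1210e4fc87c92d1d1da45a2f311c08d26e89b12307cf583c900d101",
    "92ff08773995ebc8d55ec4b8e1a225d0d1e51efa4ef88b8849d0071230c9645a",
    "fcb81618bb15edfdedfb638b4c08a2af9cac9ecfa551af135a8402bf980375cf",
}


def find_malicious_dependencies(lock: dict) -> list[str]:
    """Return every lockfile path that is, or directly depends on, plain-crypto-js.

    Flagging the dependant as well as the package itself surfaces the axios
    entry that pulled it in, which is the entry the audit has to remove.
    """
    hits: set[str] = set()

    # lockfileVersion 2/3: "packages" is flat, keyed like "node_modules/axios"
    for path, meta in lock.get("packages", {}).items():
        name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
        if name == MALICIOUS_PACKAGE or MALICIOUS_PACKAGE in meta.get("dependencies", {}):
            hits.add(path or "(root)")

    # lockfileVersion 1: nested tree, dependency edges live under "requires"
    def walk(deps: dict, prefix: str) -> None:
        for name, meta in deps.items():
            here = f"{prefix}node_modules/{name}"
            if name == MALICIOUS_PACKAGE or MALICIOUS_PACKAGE in meta.get("requires", {}):
                hits.add(here)
            walk(meta.get("dependencies", {}), here + "/")

    walk(lock.get("dependencies", {}), "")
    return sorted(hits)


def is_ioc_hash(data: bytes) -> bool:
    """True when the SHA-256 of data matches one of the published payload hashes."""
    return hashlib.sha256(data).hexdigest() in IOC_SHA256


def scan_tree_for_iocs(root: Path) -> list[str]:
    """Walk a directory (e.g. node_modules) and return files whose hash is an IoC."""
    return [str(p) for p in root.rglob("*") if p.is_file() and is_ioc_hash(p.read_bytes())]


def find_domain_in_logs(lines: list[str]) -> list[str]:
    """Return DNS/proxy/egress log lines that reference the C2 domain."""
    return [ln for ln in lines if MALICIOUS_DOMAIN in ln.lower()]


# --- constructed sample data (versions and log lines are not real artifacts) ---
SAMPLE_LOCK_V3 = {
    "name": "example-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "dependencies": {"axios": "^1.0.0"}},
        "node_modules/axios": {"version": "0.0.0-constructed",
                               "dependencies": {"plain-crypto-js": "^1.0.0"}},
        "node_modules/plain-crypto-js": {"version": "1.0.0"},
        "node_modules/follow-redirects": {"version": "1.15.0"},
    },
}
SAMPLE_LOCK_V1 = {
    "lockfileVersion": 1,
    "dependencies": {
        "axios": {"version": "0.0.0-constructed",
                  "requires": {"plain-crypto-js": "^1.0.0"},
                  "dependencies": {"plain-crypto-js": {"version": "1.0.0"}}},
    },
}
SAMPLE_LOG_LINES = [
    "2026-04-01T13:20:11Z dns query A sfrclak.com from 10.0.0.12",
    "2026-04-01T13:20:12Z dns query A registry.npmjs.org from 10.0.0.12",
]

if __name__ == "__main__":
    print("v3 lockfile hits:", find_malicious_dependencies(SAMPLE_LOCK_V3))
    print("v1 lockfile hits:", find_malicious_dependencies(SAMPLE_LOCK_V1))
    print("node_modules hash hits:", scan_tree_for_iocs(Path("node_modules")))
    print("log hits:", find_domain_in_logs(SAMPLE_LOG_LINES))
```

Run it from the project root after replacing the sample lockfiles with `json.load(open("package-lock.json"))`; an empty result from all three checks is only as good as the hash list, so a hit on the dependency edge should trigger the credential rotation and forensic steps above even when no binary matches.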
Affected Countries
United States, India, Germany, United Kingdom, Canada, Australia, France, Japan, Netherlands, Brazil
Indicators of Compromise
- hash: 58401c195fe0a6204b42f5f90995ece5fab74ce7c69c67a24c61a057325af668
- hash: 59336a964f110c25c112bcc5adca7090296b54ab33fa95c0744b94f8a0d80c0f
- hash: 5bb67e88846096f1f8d42a0f0350c9c46260591567612ff9af46f98d1b7571cd
- hash: 617b67a8e1210e4fc87c92d1d1da45a2f311c08d26e89b12307cf583c900d101
- hash: 92ff08773995ebc8d55ec4b8e1a225d0d1e51efa4ef88b8849d0071230c9645a
- hash: fcb81618bb15edfdedfb638b4c08a2af9cac9ecfa551af135a8402bf980375cf
- domain: sfrclak.com
Technical Details
- Author: AlienVault
- TLP: white
- References: https://www.wiz.io/blog/axios-npm-compromised-in-supply-chain-attack
- Adversary: null
- Pulse Id: 69cbb6559ec175684e1e7611
- Threat Score: null
Threat ID: 69cd1c4ee6bfc5ba1dcfe7d3
Added to database: 4/1/2026, 1:23:26 PM
Last enriched: 4/1/2026, 1:38:30 PM
Last updated: 4/5/2026, 10:02:48 AM