Intercom’s npm Package Compromised in Ongoing Mini Shai-Hulud Worm Attack
The intercom-client npm package version 7.0.4 was compromised via a malicious GitHub account, introducing credential-stealing malware into a widely used Node.js SDK. The attack involved two malicious files: setup.mjs, which downloads an unverified Bun binary during installation, and router_runtime.js, an obfuscated script targeting Kubernetes, Vault, and cloud credentials. Stolen data was encrypted and exfiltrated through the GitHub API. This supply chain attack resembles recent campaigns linked to the TeamPCP adversary, targeting CI/CD environments and leveraging GitHub workflows. The compromise affected developers and CI/CD pipelines that installed the compromised package.
AI Analysis
Technical Summary
The intercom-client npm package version 7.0.4 was compromised through a malicious GitHub account (nhur), which created malicious workflows to automate CI publishing of the infected package. The attack deployed two malicious files: setup.mjs, executed via a preinstall hook to download an unverified Bun binary, and router_runtime.js, an obfuscated 11.7 MB script designed to steal credentials from Kubernetes, Vault, and cloud environments. The stolen credentials were encrypted and exfiltrated through the GitHub API. This compromise shares technical patterns with recent supply chain attacks on PyPI lightning and SAP CAP packages, attributed to the TeamPCP threat actor group. The attack specifically targeted developers and CI/CD environments that installed the compromised package, enabling credential theft and potential further compromise of cloud and Kubernetes infrastructure.
Potential Impact
The compromise of the intercom-client npm package introduced credential-stealing malware into a widely used Node.js SDK with approximately 360,000 weekly downloads. This malware targets Kubernetes, Vault, and cloud credentials, potentially exposing sensitive infrastructure secrets. The stolen data is encrypted and exfiltrated via the GitHub API, enabling attackers to gain unauthorized access to cloud and CI/CD environments. The attack affects developers and automated CI/CD pipelines that installed the compromised package, increasing the risk of widespread credential theft and subsequent infrastructure compromise. No known exploits in the wild are reported at this time.
Mitigation Recommendations
Patch status is not yet confirmed; check the vendor advisory for current remediation guidance. Since no official patch or remediation links are provided, users and organizations should avoid using intercom-client npm package version 7.0.4 until further notice. Review and audit CI/CD workflows and GitHub accounts for unauthorized access or malicious workflows, especially any activity tied to the compromised account 'nhur'. Consider scanning installed packages for the malicious file hashes listed under Indicators of Compromise. Monitor for suspicious activity related to credential access and exfiltration. Follow updates from the package maintainers and trusted security sources for official fixes or mitigation instructions.
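The package-level checks this section recommends, as an added defender-side example that is not code from Intercom, Socket.dev or the pulse author. It walks a node_modules tree, compares every file's MD5, SHA-1 and SHA-256 digests against the hash IoCs on this page, flags the affected package version, the two file names the advisory attributes to the malicious release, and any install-time lifecycle scripts (the advisory says setup.mjs ran from a preinstall hook). The fixture it builds for the demo is constructed: the placeholder setup.mjs is not the real file, so its own digest is added to the IoC set only to exercise the hash-match path offline.

```python
import hashlib
import json
import os
import sys
import tempfile
from pathlib import Path

# Hashes published as IoCs in this advisory (MD5, SHA-1 and SHA-256 values).
# Every file is hashed with all three algorithms and compared against the set.
IOC_HASHES = {
    "598f8a39b021cf56d33432b6f67f7660",
    "9bd71891febd47b6a7d9ef1f6120662a",
    "0cf67457352cf82dea4189d9dbd41b8f519dbb81",
    "7c8bf63a9ba9169d5237acfc683f1bd004349341",
    "5ae8b2343e97cc3b2c945ec34318b63f27fa2db1e3d8fbaa78c298aa63db52ed",
    "fe64699649591948d6f960705caac86fe99600bf76e3eae29b4517705a58f0e2",
}
AFFECTED_VERSIONS = {("intercom-client", "7.0.4")}
# File names the advisory attributes to the malicious release.
SUSPECT_FILENAMES = {"setup.mjs", "router_runtime.js"}
# npm runs these automatically during install; review any package that declares one.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall")


def file_digests(path):
    """Return the MD5, SHA-1 and SHA-256 hex digests of one file as a set."""
    hashers = [hashlib.md5(), hashlib.sha1(), hashlib.sha256()]
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers:
                h.update(chunk)
    return {h.hexdigest() for h in hashers}


def scan_node_modules(root, ioc_hashes=IOC_HASHES):
    """Walk a node_modules tree and return a list of finding dicts (kind, path, detail)."""
    findings = []
    ioc = {h.lower() for h in ioc_hashes}
    for dirpath, _dirnames, filenames in os.walk(root):
        if "package.json" in filenames:
            pkg_path = os.path.join(dirpath, "package.json")
            try:
                with open(pkg_path, "rb") as fh:
                    meta = json.load(fh)
            except (ValueError, OSError):
                meta = {}
            name, version = meta.get("name"), meta.get("version")
            if (name, version) in AFFECTED_VERSIONS:
                findings.append({"kind": "affected_version", "path": pkg_path,
                                 "detail": f"{name}@{version}"})
            for hook in LIFECYCLE_HOOKS:
                cmd = (meta.get("scripts") or {}).get(hook)
                if cmd:
                    findings.append({"kind": "lifecycle_hook", "path": pkg_path,
                                     "detail": f"{hook}: {cmd}"})
        for fname in filenames:
            fpath = os.path.join(dirpath, fname)
            if fname in SUSPECT_FILENAMES:
                findings.append({"kind": "suspect_filename", "path": fpath, "detail": fname})
            matched = file_digests(fpath) & ioc
            if matched:
                findings.append({"kind": "ioc_hash", "path": fpath, "detail": sorted(matched)[0]})
    return findings


def build_demo_tree(base):
    """Write a constructed node_modules fixture; contents are placeholders, not real packages."""
    bad = Path(base) / "node_modules" / "intercom-client"
    bad.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps({
        "name": "intercom-client", "version": "7.0.4",
        "scripts": {"preinstall": "node setup.mjs"}}))
    (bad / "setup.mjs").write_text("// constructed placeholder, not the real file\n")
    good = Path(base) / "node_modules" / "left-pad"
    good.mkdir(parents=True)
    (good / "package.json").write_text(json.dumps({"name": "left-pad", "version": "1.3.0"}))
    (good / "index.js").write_text("module.exports = (s) => s;\n")
    return str(Path(base) / "node_modules")


def demo():
    """Scan the constructed fixture and return findings grouped by kind."""
    root = build_demo_tree(tempfile.mkdtemp(prefix="ioc-scan-"))
    placeholder = os.path.join(root, "intercom-client", "setup.mjs")
    with open(placeholder, "rb") as fh:
        # The placeholder's own SHA-256 stands in for a real IoC hit in the demo.
        extra = {hashlib.sha256(fh.read()).hexdigest()}
    by_kind = {}
    for f in scan_node_modules(root, IOC_HASHES | extra):
        by_kind.setdefault(f["kind"], []).append(f)
    return by_kind


if __name__ == "__main__":
    # With a path argument, scan that tree; without one, run the offline demo.
    results = scan_node_modules(sys.argv[1]) if len(sys.argv) > 1 else \
        [f for fs in demo().values() for f in fs]
    for f in results:
        print(f"{f['kind']:17} {f['path']}  {f['detail']}")
```

Run it as `python scan.py /path/to/project/node_modules` against a real checkout; a lifecycle_hook finding on its own is only a review prompt, since many legitimate packages declare install scripts, whereas an ioc_hash or affected_version finding means the host's credentials (Kubernetes, Vault and cloud tokens) should be treated as exposed.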
Indicators of Compromise
- hash: 598f8a39b021cf56d33432b6f67f7660
- hash: 9bd71891febd47b6a7d9ef1f6120662a
- hash: 0cf67457352cf82dea4189d9dbd41b8f519dbb81
- hash: 7c8bf63a9ba9169d5237acfc683f1bd004349341
- hash: 5ae8b2343e97cc3b2c945ec34318b63f27fa2db1e3d8fbaa78c298aa63db52ed
- hash: fe64699649591948d6f960705caac86fe99600bf76e3eae29b4517705a58f0e2
Technical Details
- Author: AlienVault
- TLP: white
- References: https://socket.dev/blog/intercom-s-npm-package-compromised-in-supply-chain-attack
- Adversary: TeamPCP
- Pulse Id: 69f3e871f34be9dc34f7bd3d
- Threat Score: null
Threat ID: 69f8a7e0cbff5d861027fc00
Added to database: 5/4/2026, 2:06:24 PM
Last enriched: 5/4/2026, 2:21:42 PM
Last updated: 5/4/2026, 3:59:39 PM