New npm Worm Threatens Software Supply Chain

Summary
– A major new secret-stealing worm called Shai-Hulud is spreading in the npm ecosystem, potentially affecting millions of users by compromising packages and stealing sensitive data.
– The worm hijacks developer accounts via social engineering, installs trojanized packages to scan for and exfiltrate secrets like AWS keys and GitHub tokens to attacker-controlled repositories.
– It spreads by creating malicious versions of other packages maintained by targeted developers, having already infected over 700 packages with more than 100 million downloads as of the latest reports.
– The malware uses evasion techniques, such as splitting into two files and confusing AI analysis tools with its large size, to avoid detection while stealing credentials.
– Security experts warn that the worm poses significant risks including data breaches and ransomware, urging teams to urgently review dependencies and deploy remediation steps.
A significant new threat has emerged within the npm ecosystem, putting the global software supply chain at risk. Security professionals are raising alarms about a sophisticated worm, known as Shai-Hulud, which is actively stealing sensitive developer credentials and spreading rapidly across hundreds of packages. This malicious software has already impacted millions of downstream users by infiltrating widely used tools and services.
The initial version of Shai-Hulud surfaced in September, when attackers used social engineering to hijack developer accounts. They then published trojanized packages designed to scan for and exfiltrate valuable data like AWS keys and GitHub tokens, sending the information to repositories controlled by the attackers. The worm didn’t stop there; it also searched for other packages maintained by the same developers and generated new malicious versions to extend its reach. By the end of September, it had already compromised 180 packages, causing widespread disruption to continuous integration and delivery pipelines worldwide.
Now, an evolved iteration dubbed the “Second Coming” is targeting high-profile projects including Zapier and PostHog. According to recent reports from Wiz Security, this new wave has infected more than 700 packages, which collectively boast over 100 million downloads. Although GitHub and npm are actively removing malicious repositories and packages, the worm continues to scale at an alarming rate, with approximately 1,000 new repositories being identified every half hour.
Security teams are being urged to act immediately. Given the campaign’s extensive scale, rapid pace, and ability to compromise secrets, organizations must thoroughly review their dependencies and implement remediation measures without delay. It remains uncertain whether the same threat actors are behind both versions of Shai-Hulud, but the latest iteration includes several enhanced capabilities. Notably, it can now infect up to 100 npm packages in a single campaign, a substantial increase from the previous limit of 20.
Mondoo has highlighted the severe potential consequences, warning that this worm could lead to major data breaches, create entry points for ransomware attacks, and erode trust in the npm ecosystem. They emphasized that because npm packages are integrated into countless applications and systems globally, even one compromised package can have a ripple effect, potentially impacting millions of end users and organizations.
Garrett Calpouzos, a principal security researcher at Sonatype, pointed out an unusual structural feature of the new malware. It is divided into two separate files, likely as an evasion tactic. The first file checks for and installs a non-standard “bun” JavaScript runtime, which then executes a second, substantially larger malicious source file. This second file publishes stolen data to .json files housed within a randomly named GitHub repository. Calpouzos noted that the file’s enormous size and complex structure appear to confuse AI analysis tools, exceeding typical context windows and causing inconsistent results when analyzed by systems like ChatGPT and Gemini.
To address this urgent threat, security experts are advising developers and organizations to take specific protective actions. Charlie Eriksen, a malware researcher at Aikido, has recommended a series of remediation steps to help mitigate the risk.
(Source: InfoSecurity Magazine)