
NPM Malware Attack Exposed 400,000 Developer Secrets

Originally published on: December 3, 2025
Summary

– The second Shai-Hulud malware attack exposed roughly 400,000 raw secrets by infecting hundreds of NPM packages and publishing data across 30,000 GitHub repositories.
– Researchers found that over 60% of the leaked NPM tokens were still valid, posing an active risk for further supply chain attacks.
– The malware used a self-propagating payload that stole credentials and, in this attack, included a destructive mechanism to wipe victim home directories.
– Analysis showed the attack heavily targeted specific packages and Linux containers, with GitHub Actions being the most impacted CI/CD platform.
– Security experts predict the attackers will continue to evolve their techniques and launch more attack waves using the harvested credentials.

A recent malware campaign targeting the Node Package Manager (NPM) registry has compromised hundreds of thousands of developer secrets, posing a significant ongoing threat to software supply chains. The second wave of the so-called Shai-Hulud attack infiltrated hundreds of packages, leading to the exposure of approximately 400,000 raw secrets across 30,000 GitHub repositories. While automated scanning indicates a large portion of these credentials may be outdated, security analysts warn that a substantial number remain active and dangerous.

Researchers from the cloud security firm Wiz confirmed that more than 60% of the leaked NPM tokens were still valid weeks after the incident. The attack, which first appeared in September, uses a self-propagating payload. This malicious code hunts for account tokens using the open-source TruffleHog tool, injects a script into NPM packages, and then automatically publishes the corrupted versions. The second, more aggressive wave impacted over 800 package versions and even included a destructive component designed to wipe a victim’s home directory under specific conditions.

An analysis of the data dumped across the thousands of GitHub repositories reveals the extensive scope of the breach. About 70% of these repositories contained a file with GitHub usernames and tokens, while 80% held environment files packed with sensitive operating system information, CI/CD metadata, and additional credentials. Notably, 400 repositories exposed secrets specifically related to GitHub Actions workflows. The attackers’ use of TruffleHog without filters meant they collected all secrets matching known formats, resulting in a vast but noisy dataset that still contains hundreds of valid keys.

“While the secret data is extremely noisy and requires heavy deduplication efforts, it still contains hundreds of valid secrets, including cloud, NPM tokens, and VCS credentials,” the Wiz team reported. They emphasized that these live credentials continue to present an active risk for further supply chain compromises. Examining the infected systems showed that the vast majority, 87%, were Linux-based, with most infections occurring within containerized environments.

The distribution of impacted CI/CD platforms was led overwhelmingly by GitHub Actions, followed by Jenkins, GitLab CI, and AWS CodeBuild. When tracing the source of infections, researchers identified that two specific packages were responsible for more than 60% of all cases, suggesting a focused attack vector. The top package was @postman/tunnel-agent@0.6.7, followed by @asyncapi/specs@6.8.3. This concentration indicates that early detection and neutralization of a few key packages could have drastically limited the attack’s overall impact.

The infection mechanism was remarkably consistent, with 99% of instances triggered by an npm preinstall lifecycle hook that executed a specific script. Security experts at Wiz anticipate that the threat actors behind Shai-Hulud will continue to refine their methods. They predict additional attack waves are likely, potentially fueled by the massive trove of credentials already stolen. This incident underscores the critical need for developers and organizations to rigorously audit dependencies, monitor for secret leakage, and promptly rotate any potentially exposed credentials.

(Source: Bleeping Computer)
