
500 npm Packages Infected by Shai-Hulud Malware Leaking Secrets

Originally published on: November 26, 2025
Summary

– Hundreds of trojanized npm packages were planted in a new Shai-Hulud campaign to steal developer and CI/CD secrets, which are automatically posted on GitHub in encoded form.
– The malware uses obfuscated payloads to exfiltrate secrets and can destructively overwrite the victim’s home directory if certain authentication conditions fail.
– Over 27,000 malicious packages have been identified, with the campaign growing rapidly and using compromised maintainer accounts to publish modified legitimate packages.
– Compromised packages include essential tools from Zapier, ENS Domains, and PostHog, posing significant risks to developers and their applications.
– Security researchers recommend rotating all credentials, downgrading to safe package versions, and disabling npm postinstall scripts in CI/CD to mitigate the attack.

A significant supply-chain attack has compromised over 500 npm packages, including popular tools like Zapier, ENS Domains, PostHog, and Postman, with the Shai-Hulud malware designed to steal developer secrets. This malicious campaign automatically uploads stolen data, including CI/CD credentials and cloud platform tokens, to GitHub repositories, which are multiplying rapidly. Security researchers tracking the incident report that thousands of new malicious repositories are appearing every half hour, indicating widespread impact across the developer ecosystem.

The Shai-Hulud malware first emerged in mid-September, initially affecting 187 packages. Since then, the campaign has expanded dramatically, with threat actors using compromised maintainer accounts to publish trojanized versions of legitimate packages. These malicious versions inject harmful scripts into the `package.json` file, enabling the theft of sensitive information during installation.

Charlie Eriksen, a malware researcher at Aikido Security, first identified the new wave of attacks when 105 infected packages were detected. That number quickly grew to 492 distinct package names, with Koi Security later reporting more than 800 compromised packages when counting all infected versions. The scale of the attack is evident from GitHub search results showing over 27,600 entries related to the campaign.

According to Wiz cloud security researchers, approximately 350 unique maintainer accounts have been used to publish these malicious packages. The attackers are automating repository creation on GitHub, adding roughly 1,000 new repositories every 30 minutes. Eriksen clarified that these repositories indicate developers whose environments contained GitHub credentials that were compromised through the trojanized npm packages.

Technical analysis from Step Security reveals that the new Shai-Hulud payload appears in two files: `setupbun.js`, which masquerades as a Bun installer, and `bunenvironment.js`, a heavily obfuscated 10MB file. The malware employs sophisticated anti-analysis techniques, including extensive hex-encoding and obfuscated string retrieval functions.

The attack unfolds through five distinct stages, culminating in both data exfiltration and destructive actions. The malware systematically collects secrets from GitHub, npm, and major cloud platforms including AWS, GCP, and Azure. Most alarmingly, it includes a destructive component that overwrites the victim’s entire home directory when the malware fails to authenticate to GitHub, create repositories, fetch GitHub tokens, or locate npm tokens.

During the pre-install stage, the malicious code executes and creates four specific files: `cloud.json`, `contents.json`, `environment.json`, and `truffleSecrets.json`. These files contain the stolen credentials, which are automatically published to GitHub repositories with names referencing “Shai-Hulud” and descriptions proclaiming “The Second Coming.”

Evidence suggests the threat actors have gained access to GitHub accounts, which they’re using to create these repositories directly. Although GitHub is actively removing the malicious repositories, the attackers are generating new ones faster than they can be taken down.

Among the compromised packages are critical development tools. The affected Zapier packages represent the official toolkit for building Zapier integrations, making them essential for developers working with the platform. The compromised ENS Domains packages are widely used by wallets, decentralized applications, exchanges, and the ENS Manager app for handling .eth domain names, resolving Ethereum addresses, and interacting with official ENS smart contracts.

While npm displays warning messages about unauthorized publication for some compromised packages, many remain available for download. Security teams recommend immediately checking Aikido Security’s published list of infected packages, downgrading to safe versions, and rotating all exposed secrets and CI/CD tokens.

Wiz researchers emphasize that organizations should identify and replace compromised packages with legitimate versions while rotating all credentials associated with npm, GitHub, and cloud providers. Aikido Security additionally advises developers to disable npm postinstall scripts during continuous integration processes where possible.
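As an added defender-side example (not code from the article or from any of the vendors it cites), the POSIX shell below walks a `node_modules` tree and flags any `package.json` whose install-time lifecycle hook references the two dropper file names named above, and shows the `--ignore-scripts` install the advice refers to; the sample tree it scans is constructed inline and the package names in it are hypothetical.

```shell
#!/bin/sh
# Heuristic triage for the Shai-Hulud dropper: report package.json files whose
# preinstall/install/postinstall script mentions setupbun.js or bunenvironment.js.
# This catches the file names described in the article, not every variant.
scan_lifecycle_hooks() {
    root="$1"   # directory to scan, e.g. ./node_modules of a checked-out project
    find "$root" -type f -name package.json 2>/dev/null | while read -r pkg; do
        if grep -Eq '"(pre|post)?install"[[:space:]]*:[[:space:]]*"[^"]*(setupbun\.js|bunenvironment\.js)' "$pkg"; then
            printf '%s\n' "$pkg"
        fi
    done
}

# Mitigation the article cites: install without running lifecycle scripts in CI.
# Equivalent persistent setting: put "ignore-scripts=true" in the project's .npmrc.
ci_install_without_scripts() {
    npm ci --ignore-scripts "$@"
}

# Constructed demo tree (hypothetical package names) so the scanner runs offline.
make_demo_tree() {
    d="$(mktemp -d)"
    mkdir -p "$d/node_modules/benign-pkg" "$d/node_modules/evil-pkg"
    cat > "$d/node_modules/benign-pkg/package.json" <<'EOF'
{ "name": "benign-pkg", "version": "1.0.0",
  "scripts": { "postinstall": "node build.js" } }
EOF
    cat > "$d/node_modules/evil-pkg/package.json" <<'EOF'
{ "name": "evil-pkg", "version": "9.9.9",
  "scripts": { "preinstall": "node setupbun.js" } }
EOF
    printf '%s\n' "$d"
}
```

Run `scan_lifecycle_hooks ./node_modules` in a checkout; any path it prints is a package to pull, after which the exposed npm, GitHub and cloud credentials are rotated.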

This resurgence of Shai-Hulud occurs despite GitHub’s recent implementation of additional security measures designed to prevent supply-chain attacks on npm. The gradual rollout of these protections appears insufficient to stop the current campaign, highlighting the ongoing challenges in securing software supply chains.

(Source: Bleeping Computer)
