A major supply chain security incident has impacted Axios, one of the most widely used HTTP clients in the JavaScript ecosystem. Attackers successfully introduced malicious code into the npm package by compromising a maintainer account, enabling the distribution of a cross-platform remote access trojan (RAT).
Compromised npm Account Used to Publish Malicious Versions
Security researchers revealed that versions 1.14.1 and 0.30.4 of Axios were published using unauthorized access to the maintainer account “jasonsaayman.” Publishing straight from that account let the threat actors bypass the project's CI/CD release pipeline and add a malicious dependency to the package manifest.
Each malicious version declared a new dependency on a bogus package, plain-crypto-js@4.2.1. Nothing in Axios ever imported it; its only purpose was to be pulled in alongside Axios so that its own install script would run on every machine that installed the library.
Hidden Dependency Executes Postinstall RAT Dropper
The injected dependency carried a postinstall script, which npm runs automatically once the package has been installed. This script deployed a Node.js-based dropper that fetched platform-specific malware payloads.
The dropper contacted a remote command-and-control (C2) server and delivered tailored second-stage payloads for:
- Windows
- macOS
- Linux
After execution, the dropper covered its tracks by deleting itself and replacing the modified package.json with a clean copy.

Multi-Platform Attack Execution
The attack chain varied depending on the operating system:
macOS
The malware used AppleScript to download a trojan binary from an external server and saved it in a system cache directory. It then made the file executable and launched it silently in the background before removing traces of the script.
Windows
On Windows, the dropper copied the PowerShell executable to a file named wt.exe (the name of the Windows Terminal binary, chosen as a disguise) and ran a VBScript that retrieved and launched a PowerShell-based RAT. Persistence was achieved with a batch file and a registry autorun entry.
Linux
On Linux, the malware downloaded a Python script into the /tmp directory and launched it as a detached background process, giving the operators remote control of the host.
Unified Command-and-Control Design
Despite platform differences, all variants communicated with the same C2 infrastructure using distinct request identifiers. This allowed the server to deliver the correct payload based on the target system.
The RATs supported capabilities such as:
- System reconnaissance
- File system exploration
- Command execution
- Payload delivery
The RATs polled the C2 server periodically, in many cases every 60 seconds, for further instructions.
Stealth and Anti-Forensic Techniques
One of the most notable aspects of this attack is its stealth. The only change to Axios itself was a new dependency entry in its package.json; all of the harmful behaviour lived in that transitive dependency, so a diff of the Axios source showed a dependency change rather than malicious code.
To evade detection, the malware:
- Removed the postinstall script after execution
- Replaced the modified package.json with a clean version
- Renamed backup files to appear legitimate
This approach significantly reduced the chances of detection during code reviews.
Potential Attribution and Wider Impact
Researchers observed similarities between the macOS payload and a previously identified backdoor known as WAVESHAPER, which has been linked to a North Korean threat group. However, attribution remains unconfirmed.
The attack also extended beyond Axios. Additional packages that distributed the same malicious components through embedded dependencies include:
- @shadanai/openclaw
- @qqbrowser/openclaw-qbot