North Korean UNC1069 Group Compromises Popular Axios npm Package
The widely used JavaScript HTTP client Axios has become the center of a significant software supply chain attack. Google Threat Intelligence has attributed the compromise of the Axios npm package to the North Korea–linked group UNC1069, known for financially motivated operations against the cryptocurrency sector and software developers.
According to Google Threat Intelligence and Mandiant, attackers obtained access to the Axios maintainer’s npm account and published two malicious releases: 1.14.1 and 0.30.4. Instead of directly modifying Axios source code, the adversaries introduced a new dependency named plain-crypto-js, which contained the core malicious logic.
This technique is typical of modern supply chain attacks: adversaries compromise a trusted component in the development toolchain and use it as a distribution vector. Similar tactics were seen in previous incidents such as event-stream in npm and the SolarWinds compromise in the enterprise space, demonstrating the strategic focus on upstream dependencies rather than individual end users.
How the Axios Supply Chain Attack Worked
Abusing npm postinstall Scripts for Stealthy Code Execution
The malicious plain-crypto-js package abused the postinstall hook in its package.json. In npm, a postinstall script is executed automatically after a package is installed. By embedding a custom postinstall command, the attackers ensured that arbitrary code ran silently whenever a project installed a compromised Axios version.
For developers, the process appeared as a routine dependency update. In the background, however, npm would trigger the postinstall script, launching a multi-stage infection chain without any explicit user interaction.
SILKBELL Dropper and WAVESHAPER.V2 Cross‑Platform Backdoor
Inside plain-crypto-js, investigators discovered an obfuscated JavaScript dropper dubbed SILKBELL (file setup.js). This dropper connected to a remote command-and-control (C2) server and downloaded a second-stage payload tailored to the victim’s operating system: a PowerShell implant for Windows, a C++ Mach-O binary for macOS, and a Python backdoor for Linux.
After execution, SILKBELL attempted self-cleanup: it removed traces of its activity and replaced the package.json of plain-crypto-js with a benign version that no longer contained the postinstall hook. This significantly complicates forensic analysis, as the obvious artifacts of compromise are erased shortly after installation.
The primary payload delivered in this campaign is assessed as an updated variant of a C++ backdoor tracked as WAVESHAPER.V2. Earlier forms of WAVESHAPER have been linked to UNC1069 operations against cryptocurrency organizations. The new version enhances data collection and command support, communicates with C2 servers using JSON-formatted data, and preserves distinctive traits such as ~60‑second polling intervals, a rare User-Agent string, dynamic C2 configuration via command‑line arguments, and consistent use of specific temporary directories (for example, /Library/Caches/com.apple.act.mond on macOS).
Impact on npm, PyPI, NuGet and Wider Software Supply Chains
Axios is embedded across a vast number of web applications, internal tools, and CI/CD pipelines. A malicious Axios build can therefore propagate deep into corporate environments, affecting build servers, developer workstations and automated agents that possess elevated access to source code, secrets and deployment infrastructure.
Analysts assess this operation as a templated, scalable supply chain campaign rather than a one‑off incident. Indicators include the near‑simultaneous release of trojanized builds on two Axios branches (within less than an hour), cross‑platform payloads for Windows, macOS and Linux, and built‑in evasion through self‑deleting components. The same tradecraft could be ported to other ecosystems such as PyPI (Python) and NuGet (.NET), extending the blast radius across languages and platforms.
This fits a broader industry trend: attackers increasingly target developers and DevOps pipelines, where compromising a single upstream dependency can cascade to thousands of downstream projects. Recent incidents involving malicious PyPI packages, compromised CI tools and backdoored libraries highlight how software supply chain security has become a primary attack surface.
Practical Security Recommendations for Developers and Organizations
1. Audit dependencies and rebuild artifacts. Examine dependency trees for Axios versions 1.14.1 and 0.30.4, and check for the presence of plain-crypto-js in node_modules. If found, immediately revert to known‑good versions, invalidate previous build artifacts, and perform clean rebuilds.
2. Pin versions and control updates. Use lockfiles such as package-lock.json or pnpm-lock.yaml to prevent unaudited dependency changes. Route npm traffic through private registries or proxies that enforce trust policies, vulnerability scanning and anomaly detection for new or updated packages.
3. Block attacker infrastructure and hunt for C2 activity. Add sfrclak[.]com and IP address 142.11.206[.]73 to network blocklists. Review DNS, proxy, firewall and EDR logs for historical or ongoing connections to these indicators and for similar C2 communication patterns (periodic beacons, unusual User‑Agents, unexpected PowerShell or Python activity).
4. Execute structured incident response. Isolate potentially affected development and CI/CD systems, terminate suspicious processes, and consider reimaging high‑risk hosts. Treat all credentials and tokens accessible from compromised machines (repository tokens, CI keys, cloud access keys, package registry logins) as exposed and rotate them promptly.
5. Strengthen secure development and supply chain practices. Implement continuous Software Composition Analysis (SCA), generate and validate Software Bills of Materials (SBOMs), and enforce multi‑factor authentication (MFA) for all npm, PyPI, NuGet and Git accounts. Apply least‑privilege access for technical users and automation, and monitor for anomalous modifications to critical packages and build configurations.
The Axios incident underscores that even mature, heavily adopted open‑source projects are not immune to targeted supply chain attacks. Organizations should treat software supply chain security as a core pillar of their cybersecurity strategy, hardening maintainer accounts, continuously monitoring dependencies and integrating security checks throughout the DevSecOps lifecycle. Proactive visibility into what code is being built and deployed—and where it originates—remains one of the most effective defenses against the next Axios‑style compromise.