New Supply Chain Attack Alert: Malicious npm Packages Precisely Identify User Environments

2025.11.28 04:20 BitBrowser

Recently, a large-scale supply chain attack named "Shai Hulud" has swept through the npm ecosystem, compromising hundreds of critical packages and even precisely identifying the environments it lands in, posing a serious threat to development environments and enterprise data security.

Attack Overview

This attack began on November 24, 2025, when attackers compromised 492 npm packages by implanting a self-replicating worm. The infected packages had a combined monthly download volume exceeding 132 million, affecting numerous well-known projects, including Zapier, PostHog, and AsyncAPI.

The core objective of the attack was to steal developers' sensitive credentials. The malicious scripts ran during package installation and used the secret-scanning tool TruffleHog to harvest system passwords, API keys, cloud access tokens, and GitHub and npm credentials. The harvested data was then exfiltrated to a public GitHub repository named "Sha1-Hulud: The Second Coming."


The Attack Chain

The attack's implementation relied on a sophisticated chain with the following core methods and evasion techniques:

Supply Chain Entry and Propagation

Attackers primarily impersonated the Bun runtime to implant malicious scripts (such as setup_bun[.]js and bun_environment[.]js) into packages. When an infected package was installed, these scripts executed automatically: they stole information and also abused GitHub Actions to establish persistent access. The stolen credentials were then used to publish further malicious packages, closing the loop of a self-replicating worm.

Precise Environment Identification and Diversion

To evade detection and target victims precisely, the attackers also abused commercial cloaking services such as Adspect for environment fingerprinting. The malicious code collected hundreds of parameters, including the browser user agent, hostname, referrer page, screen resolution, and font list. Based on this fingerprint, the Adspect service decided whether the visitor was a genuine victim or a security researcher and dynamically returned different content to hide the real attack page.

Multiple Anti-Analysis Techniques

To hinder security analysis, the malicious packages integrated several anti-analysis techniques, such as disabling the right-click menu, blocking the F12 developer tools, and intercepting view-source operations. When developer tools were detected, the page refreshed automatically, making static code analysis and reverse engineering difficult for researchers.


Profound Impact on Developers

The impact of this attack incident far exceeds ordinary data breaches:

Risk to Enterprise Core Infrastructure

Because the stolen credentials often include access tokens for cloud services such as AWS, Azure, and GCP, attackers could not only steal data but also take direct control of enterprise cloud infrastructure. They could even attempt privilege escalation in Docker environments and go on to deploy ransomware, mine cryptocurrency, or carry out data extortion.

Supply Chain Security Trust Erosion

The attack affected numerous widely used and trusted open-source projects. It weaponized the trust relationships the open-source ecosystem is built on, demonstrating that a single compromised maintainer account is enough to endanger the entire downstream ecosystem and highlighting the fragility of the open-source supply chain.


Protection Measures and Recommendations

Faced with increasingly complex supply chain attacks, developers and organizations need to adopt multi-layered, in-depth protection strategies:

Immediate Investigation and Remediation

· Check if affected software packages are used in your projects and immediately remove and replace them.

· Rotate all potentially compromised credentials, including GitHub tokens, npm tokens, SSH keys, API keys, and secrets held in environment variables.

· Check GitHub for the presence of actionsSecrets.json files created by the malware or repositories named "Sha1-Hulud: The Second Coming".

Strengthen Development Environment and Processes

· In CI/CD environments, where possible, disable execution of npm's postinstall scripts to break the attack chain.

· Implement strict version pinning and package lockfiles to prevent dependencies from being automatically updated to malicious versions.

· Enable two-factor authentication (2FA) for all software package registry accounts and train developers to identify phishing emails targeting maintainers.

Implement Continuous Monitoring and Auditing

· Use Software Composition Analysis (SCA) tools like npm audit and Snyk to continuously scan project dependencies, promptly identifying known vulnerabilities and malicious versions.

· Integrate logs from platforms like GitHub into SIEM systems to enhance monitoring of abnormal activities.

Important Note for Anti-Detect Browser Users

For users employing anti-detect browsers for multi-account operations, this attack also serves as a warning: attackers' environment identification technology is becoming increasingly sophisticated. Therefore, even when using professional tools, strict credential management and profile isolation measures must be implemented, and tools must be kept updated promptly.

Protect Your Digital Operations with BitBrowser

In the face of increasingly sophisticated cyber attacks that can precisely identify user environments, traditional security measures are no longer sufficient. For professionals managing multiple accounts and sensitive operations, a dedicated anti-detect browser like BitBrowser provides essential protection against today's advanced threats.

Why Choose BitBrowser for Enhanced Security:

· Advanced Fingerprint Protection: Effectively masks your digital footprint and prevents environment identification by malicious actors

· Secure Profile Isolation: Maintain complete separation between different accounts and browsing sessions

· Team Collaboration Features: Safely manage team access while maintaining individual security protocols

· Regular Security Updates: Stay protected against emerging threats with continuous platform improvements

As we've seen in the recent npm supply chain attack, attackers are constantly evolving their techniques to identify and target vulnerable environments.

Don't wait until you become a victim. Take proactive steps to secure your digital operations today.

Get Started with BitBrowser Today