In a significant security breach, over 1,400 developers have been affected by a malicious post-install script embedded within the widely-used NX build tool. This script clandestinely created repositories named s1ngularity-repository in the developers’ GitHub accounts, containing base64-encoded dumps of sensitive information such as wallet files, API keys, .npmrc credentials, and environment variables harvested directly from their file systems.
Key Takeaways:
1. Malware in NX Build Tool: The compromised NX build tool includes a post-install script that exfiltrates sensitive data and creates unauthorized GitHub repositories.
2. Targeting AI-Powered CLIs: The malware specifically seeks out the presence of AI command-line interfaces (CLIs) like Claude and Gemini to enhance its data exfiltration capabilities.
3. Immediate Mitigation Required: Developers are urged to delete any suspicious repositories, update NX to a secure version, and rotate all potentially exposed secrets without delay.
AI-Assisted Data Exfiltration:
According to reports from Semgrep, attackers exploited the NX post-install hook through a file named `telemetry.js`, enabling the execution of malicious code immediately after the package installation. The malware initiates its operation by collecting environment variables and attempting to locate GitHub authentication tokens via the GitHub CLI. With these credentials, it proceeds to create public repositories, such as s1ngularity-repository-0, and commits the stolen data in a file named `results.b64`.
A particularly novel aspect of this campaign is its integration with AI-powered CLIs like Claude Code CLI and Gemini CLI. If either of these tools is detected on the system, the malware issues a carefully crafted prompt to conduct comprehensive filesystem scans. This AI-driven approach offloads the bulk of signature-based filesystem enumeration to the large language model (LLM), complicating traditional malware detection methods.
Affected NX Versions and Mitigation Steps:
The following NX versions have been identified as vulnerable:
– @nx/devkit 21.5.0, 20.9.0
– @nx/enterprise-cloud 3.2.0
– @nx/eslint 21.5.0
– @nx/key 3.2.0
– @nx/node 21.5.0, 20.9.0
– @nx/workspace 21.5.0, 20.9.0
– @nx 20.9.0–20.12.0, 21.5.0–21.8.0
Recommended Actions for Developers:
1. Identify Vulnerable Dependencies: Run the following command to check for vulnerable NX versions in your project:
“`bash
npm ls @nx/devkit @nx/enterprise-cloud @nx/eslint @nx/key @nx/node @nx/workspace @nx
“`
Alternatively, inspect your lockfiles for any of the affected dependencies.
2. Search for Unauthorized Repositories: Examine your GitHub account for any repositories named s1ngularity-repository and delete them immediately.
3. Update NX to a Secure Version: Upgrade to NX version 21.4.1 or later, as the vulnerable versions have been removed from npm.
4. Rotate Exposed Secrets: Change all potentially compromised credentials, including GitHub tokens, npm credentials, SSH keys, and environment variables.
5. Remove Malicious Directives: Check your shell startup files (e.g., `.bashrc`) for any unauthorized shutdown directives and remove them.
As this incident continues to unfold, organizations are strongly encouraged to monitor repository creations and enforce strict post-installation auditing to prevent similar attacks in the future.
