Microsoft Outlines Mitigation Strategies for Axios npm Supply Chain Attack
On March 31, 2026, a significant supply chain attack was uncovered involving Axios, a widely utilized JavaScript library. Malicious code was identified in two specific versions of the Axios npm package—1.14.1 and 0.30.4. This code was designed to covertly install harmful software on developers’ systems without any visible alerts.
Axios is a cornerstone in the JavaScript ecosystem, boasting over 70 million weekly downloads. Developers depend on it for making HTTP requests in both web and backend applications. Given its extensive adoption, any compromise within its releases can have far-reaching implications, potentially affecting thousands of organizations, automated build pipelines, and live production environments simultaneously.
Microsoft’s Threat Intelligence team traced the infrastructure behind this attack to Sapphire Sleet, a North Korean state-sponsored threat group active since at least March 2020. This group primarily targets financial entities, including cryptocurrency exchanges, venture capital firms, and blockchain organizations, aiming to steal digital assets and financial data. They are also known to use platforms like LinkedIn to lure potential victims into downloading malicious files hosted on attacker-controlled cloud storage services.
Mechanism of the Attack
The attackers introduced a counterfeit dependency named `[email protected]` into the compromised Axios versions. This dependency executed a post-install script that connected to a command-and-control (C2) server, subsequently downloading a second-stage remote access trojan (RAT). The malicious payloads were tailored for different operating systems, ensuring a broad reach across Windows, macOS, and Linux platforms.
A particularly insidious aspect of this attack was its exploitation of npm’s auto-update feature. Projects configured to automatically accept minor or patch updates for Axios would inadvertently incorporate the compromised release during routine installations or updates, triggering the malicious sequence without any additional actions from the developer.
Stealthy Dependency Injection
Instead of modifying Axios’s core source code, the attackers embedded `plain-crypto-js` as a new dependency that activated during installation. When developers executed `npm install` or when CI/CD pipelines initiated builds, the package manager automatically resolved and installed `[email protected]`. This package’s lifecycle script then launched `setup.js`, a first-stage loader that used multiple layers of obfuscation to reconstruct sensitive strings at runtime before connecting to the attacker’s server at `hxxp://sfrclak[.]com:8000/6202033`.
To evade early detection, the attackers initially published a clean version (`[email protected]`) to establish a legitimate publishing history before introducing the malicious `4.2.1` update. On Windows systems, `setup.js` deployed a VBScript stager that launched a PowerShell RAT, achieving persistence through a registry run key. On macOS, a native binary named `com.apple.act.mond` was discreetly placed in the `Library/Caches` folder. On Linux, a Python payload called `ld.py` was written to the `/tmp` directory and executed in the background. After the second-stage payload was active, `setup.js` removed itself and replaced the original package manifest with a clean-looking copy, complicating post-incident analysis.
Mitigation Steps
Microsoft’s Threat Intelligence team has provided clear guidance for organizations affected by this attack:
1. Rollback Axios Deployments: Revert all Axios deployments to version `1.14.0` or `0.30.3`.
2. Rotate Secrets and Credentials: Assume that any secrets or credentials present on systems where the compromised versions were installed may have been exposed. Rotate these credentials immediately.
3. Audit Systems for Malicious Activity: Conduct thorough audits of systems to identify any signs of unauthorized access or malicious activity.
4. Implement Strict Dependency Management: Review and tighten dependency management practices to prevent automatic updates from introducing unverified code into production environments.
5. Enhance Monitoring and Logging: Strengthen monitoring and logging mechanisms to detect unusual behaviors or unauthorized access attempts promptly.
By following these steps, organizations can mitigate the risks associated with this supply chain attack and bolster their defenses against similar threats in the future.
