Malicious Packages Target Solana Developers in ‘FakeFix’ Campaign

A recent supply chain attack, dubbed the ‘Solana FakeFix’ campaign, has been identified targeting developers within the Solana ecosystem. This operation involves 25 malicious packages distributed through the npm and PyPI repositories, designed to exfiltrate sensitive information such as wallet keys, cloud credentials, and SSH keys upon installation or import.

The attackers employed deceptive tactics by naming these packages similarly to legitimate Solana tools, including ‘solana-web3-stable’, ‘solana-rpc-client’, and ‘@solana-labs/web3.js’. This strategy aims to mislead developers facing build issues or dependency conflicts into believing they are installing genuine fixes.

Security researchers at JFrog Security Research uncovered this campaign, categorizing it into two clusters: the ‘Solana FakeFix’ group comprising 20 packages targeting Solana developers, and a CMS-themed cluster of 5 packages that deploy hidden Windows executables on compromised systems.

The evolution of the attack is notable. Initial versions utilized straightforward install-time scripts, whereas later iterations incorporated fully functional Solana bundles with stealer code subtly injected after legitimate exports, complicating detection efforts. The threat actors also promoted these malicious packages by spamming GitHub issues, presenting them as community-driven solutions to existing problems in the Solana SDK.

In total, the campaign encompasses 16 malicious npm packages and 4 PyPI packages under the FakeFix group, along with 5 additional npm packages in the CMS loader group. Each package was meticulously crafted to function as expected during testing while covertly executing data-stealing payloads in the background.

The delivery mechanisms varied between platforms. On npm, a ‘postinstall’ lifecycle hook triggered a JavaScript payload immediately upon installation, requiring no further action from the developer. On PyPI, the malicious code resided within the ‘__init__.py’ file, executing as soon as the package was imported in any script or notebook.
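As an added example (not code from the article or from the JFrog research), the following Python audit walks a node_modules tree and reports every package whose package.json declares a preinstall, install, or postinstall script, the lifecycle hook this campaign abused on npm; the package names and commands in the sample tree are constructed for the demonstration.

```python
"""Audit an installed node_modules tree for install-time lifecycle hooks."""
import json
import os
import tempfile

# Scripts npm runs automatically when a package is installed from the registry,
# with no further action from the developer.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")


def find_install_hooks(node_modules):
    """Return {package_name: {hook: command}} for each package under node_modules
    (nested node_modules included) that declares an install-time script."""
    findings = {}
    for root, _dirs, files in os.walk(node_modules):
        if "package.json" not in files:
            continue
        path = os.path.join(root, "package.json")
        try:
            with open(path, encoding="utf-8") as fh:
                manifest = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable or non-JSON manifest: skip, do not crash the audit
        scripts = manifest.get("scripts") or {}
        hooks = {h: scripts[h] for h in INSTALL_HOOKS if h in scripts}
        if hooks:
            # scoped packages (@scope/name) carry the scope in "name", so key on that
            findings[manifest.get("name", os.path.relpath(root, node_modules))] = hooks
    return findings


def build_sample_tree(base):
    """Constructed sample tree: one benign package and one declaring a postinstall
    hook (hypothetical names and commands, not real packages)."""
    samples = {
        "benign-lib": {"name": "benign-lib", "version": "1.0.0", "scripts": {"test": "jest"}},
        "example-suspicious": {"name": "example-suspicious", "version": "1.0.0",
                               "scripts": {"postinstall": "node ./setup.js"}},
    }
    for folder, manifest in samples.items():
        os.makedirs(os.path.join(base, folder), exist_ok=True)
        with open(os.path.join(base, folder, "package.json"), "w", encoding="utf-8") as fh:
            json.dump(manifest, fh)
    return base


def demo():
    """Run the audit over the constructed tree and return its findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return find_install_hooks(build_sample_tree(tmp))


if __name__ == "__main__":
    for name, hooks in demo().items():
        print(f"{name}: {hooks}")
```

Run it against a real project's node_modules to get a list of packages worth reviewing before trusting an install; pairing it with `npm install --ignore-scripts` keeps hooks from running until that review is done.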

Once activated, the payloads searched for Solana keypair files, SSH private keys, AWS credential files, ‘.env’ files, and environment variables containing keywords like KEY, SECRET, MNEMONIC, or PASSWORD. The harvested data was then transmitted in real time to an attacker-controlled Telegram bot.

More sophisticated variants of these packages installed persistent backdoors that polled Telegram for remote commands, enabling attackers to retrieve SSH keys, extract environment variables, or execute arbitrary shell commands on the victim’s machine. One particular variant attempted to drain the victim’s Solana funds and alter local RPC settings, escalating the threat from a one-time data theft to a persistent remote access issue.

This campaign underscores the growing sophistication of supply chain attacks targeting the open-source ecosystem. Developers are urged to exercise heightened vigilance when incorporating third-party packages, especially those related to cryptocurrency development. Verifying the authenticity of packages, scrutinizing their source, and monitoring for unusual behavior post-installation are critical steps in mitigating such risks.