IronWorm and Miasma Worm Variant Compromise npm Ecosystem in Sophisticated Supply Chain Attacks
In a series of alarming developments, the npm ecosystem has been targeted by multiple software supply chain attacks. Threat actors have employed both malicious and trojanized versions of over 50 legitimate packages to disseminate a Rust-based information stealer, dubbed IronWorm, and a self-propagating worm known as the Miasma variant.
IronWorm: A Rust-Based Information Stealer
According to research by JFrog, IronWorm is a sophisticated malware that scrapes every secret it can find on a developer’s machine, hides behind an eBPF kernel rootkit, and communicates with its operator over Tor. This stealer not only exfiltrates sensitive information but also utilizes the stolen credentials to propagate itself, reminiscent of the infamous Shai-Hulud worm.
The attack vector involves publishing trojanized packages to the npm registry, resulting in a self-replicating mechanism. The malicious activity has been traced back to a compromised npm account named asteroiddao, which has been found to publish package versions containing the Rust ELF binary executed via a preinstall hook.
IronWorm targets 86 environment variables and various files that may contain credentials associated with services such as OpenAI Codex, Anthropic’s Claude, Google Gemini, Cursor, Amazon Web Services (AWS), Docker, Kubernetes, npm, vault configurations, and Exodus cryptocurrency wallet files. Notably, the stealer includes logic to skip the threat actor’s own wallet, indicating a level of self-preservation.
JFrog describes IronWorm as a supply chain weapon built to find secrets, modify projects, and inject malicious code to self-propagate across GitHub. The malware introduces malicious commits under the author name claude ([email protected]) across nine GitHub organizations, mimicking Anthropic’s AI chatbot to evade detection.
The malware’s capabilities extend to swapping existing GitHub Actions workflows with ones capable of harvesting secrets, writing them to innocuous-looking files, and uploading them as build artifacts, thereby eliminating the need for an external command-and-control (C2) server. In continuous integration (CI) environments, it abuses npm’s Trusted Publishing flow to obtain short-lived tokens, enabling the push of poisoned versions containing the malware to the registry.
Additionally, IronWorm incorporates an eBPF payload functioning as a kernel-level rootkit to hide processes and thwart analysis. However, on systems where kernel lockdown is enabled, these process-hiding techniques fail, rendering the processes and sockets visible again.
Miasma Worm Variant: A New Threat
Concurrently, research by Endor Labs and StepSecurity has uncovered a distinct supply chain attack campaign compromising 57 npm packages across more than 286 malicious versions to serve a new variant of the Miasma worm. This variant previously infected 32 packages across more than 90 versions under the @redhat-cloud-services npm namespace within a mere 72 seconds earlier this week.
The Miasma worm variant represents a significant evolution in malware tactics, emphasizing the need for heightened vigilance within the software development community.
Implications and Recommendations
These incidents underscore the escalating sophistication of supply chain attacks targeting the npm ecosystem. Developers and organizations must adopt proactive measures to safeguard their environments:
– Regular Audits: Conduct thorough audits of all dependencies to identify and mitigate potential vulnerabilities.
– Credential Management: Implement robust credential management practices, including the use of environment variables and secure storage solutions.
– Monitoring and Detection: Utilize advanced monitoring tools to detect unusual activities, such as unauthorized commits or package publications.
– Security Training: Educate development teams on the risks associated with supply chain attacks and best practices for mitigating them.
By staying informed and implementing comprehensive security measures, the development community can better defend against these evolving threats.
