Typosquatted npm Packages Exploit Cloud & CI/CD Secrets in Sophisticated Software Supply Chain Attack

A recent surge in malicious npm packages has targeted developers, stealing cloud credentials and CI/CD pipeline secrets and exposing a critical weakness in the software supply chain. This attack underscores the growing sophistication of cyber threats within open-source ecosystems.

The Mechanism of the Attack

The attackers employed a technique known as typosquatting, where they created npm packages with names closely resembling popular libraries. This strategy exploits common typographical errors made by developers during package installation. In this instance, 14 malicious packages were uploaded to the npm registry within a four-hour window, mimicking widely used tools related to OpenSearch, ElasticSearch, DevOps, and environment-configuration libraries. Once installed, these packages immediately began collecting sensitive credentials and transmitting them to attacker-controlled servers without any visible signs of compromise.

Discovery and Analysis

Microsoft analysts identified the campaign, noting that all 14 packages were published by a single threat actor operating under the alias vpmdhaj, registered with the email a39155771@gmail[.]com. The packages contained a credential-harvesting payload—a 195 KB Bun-compiled binary targeting cloud and CI/CD environments. To appear trustworthy, the attackers used spoofed metadata, setting the homepage and repository fields to point to the legitimate OpenSearch project.
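The two signals described so far, a name that is a near-miss of an intended dependency and metadata that points at a legitimate project, can be checked before a package is added. The following is an added example, not code from the original report or from Microsoft's analysis; the `TRUSTED` list, the package names and the two-edit threshold are assumptions made for illustration.

```javascript
// Added example. TRUSTED and every package name below are constructed
// sample data, not names from the campaign.
const TRUSTED = new Map([ // intended dependency -> its expected repository
  ["example-search-client", "github.com/example-org/search-client"],
  ["example-env-config", "github.com/example-org/env-config"],
]);

// Levenshtein distance with a single rolling row.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + cost);
      diag = above;
    }
  }
  return row[b.length];
}

// Ignore case, scope markers and separators, which squatters often vary.
const normalize = (name) => name.toLowerCase().replace(/[@\/._-]/g, "");

// npm allows "repository" to be a string or an object with a url field.
function repoOf(manifest) {
  const r = manifest.repository;
  const url = typeof r === "string" ? r : (r && r.url) || "";
  return url.replace(/^git\+/, "").replace(/^https?:\/\//, "").replace(/\.git$/, "");
}

// Returns the reasons a manifest deserves a manual look (empty = none).
function assess(manifest) {
  if (TRUSTED.has(manifest.name)) return [];
  const findings = [];
  for (const [trusted, repo] of TRUSTED) {
    const d = editDistance(normalize(manifest.name), normalize(trusted));
    if (d <= 2) findings.push(`name is ${d} edit(s) from "${trusted}"`);
    if (repoOf(manifest) === repo || (manifest.homepage || "").includes(repo))
      findings.push(`metadata points at "${trusted}" but the name differs`);
  }
  return findings;
}

const SAMPLE = { name: "exmaple-search-client",
  repository: { type: "git", url: "git+https://github.com/example-org/search-client.git" } };
console.log(assess(SAMPLE));
```

A two-edit threshold produces false positives on very short names, so findings are a prompt for manual review rather than a verdict.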

Scope of the Compromise

The stolen data included AWS credentials, HashiCorp Vault tokens, GitHub Actions tokens, and npm publish tokens. The theft of npm tokens is particularly concerning, as it could allow attackers to push malicious updates to other packages, potentially escalating the attack across the software supply chain. The breadth of targeted platforms—spanning multiple cloud services, CI/CD systems, and the npm registry itself—highlights the sophistication of this attack.

Execution and Evasion Techniques

The attack begins when a developer runs `npm install`. Each malicious package uses an automatic lifecycle hook to run its code without any further action from the victim. Two variants of this stager were observed:

1. Older Generation: Contacts an external command-and-control server to fetch its payload.

2. Newer Generation: Silently downloads the legitimate Bun runtime and uses it to execute a pre-bundled malicious script hidden within the npm tarball.

The newer variant is particularly concerning as it avoids obvious outbound network traffic that might trigger security monitoring tools. Instead of reaching out to a suspicious server during installation, it leverages a legitimate runtime to execute its payload, thereby evading detection.
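Because both variants depend on an install-time lifecycle hook, a lockfile audit can list every dependency that would run one. The following is an added example, not code from the original report: it reads the `hasInstallScript` flag that npm records in `package-lock.json` (lockfile v2/v3) for packages declaring `preinstall`, `install` or `postinstall` scripts. The sample lockfile and the `REVIEWED` allowlist are constructed.

```javascript
// Added example. SAMPLE_LOCK is a constructed, trimmed package-lock.json;
// REVIEWED is a hypothetical allowlist of name@version pairs already vetted.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/native-addon": { version: "2.1.0", hasInstallScript: true },
    "node_modules/@example/search-helper": { version: "0.0.3", hasInstallScript: true },
    "node_modules/plain-lib": { version: "4.0.0" },
    "node_modules/plain-lib/node_modules/nested-hook": { version: "1.2.0", hasInstallScript: true },
  },
};
const REVIEWED = new Set(["native-addon@2.1.0"]);

// Lock keys look like "node_modules/a/node_modules/@scope/b"; the package
// name is whatever follows the last "node_modules/". The root ("") and
// workspace paths have no such marker and are skipped.
function packageName(lockKey) {
  const marker = "node_modules/";
  const i = lockKey.lastIndexOf(marker);
  return i === -1 ? null : lockKey.slice(i + marker.length);
}

// Lists packages that would run an install-time script and are not on the
// allowlist. Pinning by version means an upgrade forces a fresh review.
function unreviewedInstallScripts(lock, reviewed) {
  if (!lock.packages) throw new Error("lockfile v2/v3 with a packages map is required");
  const hits = [];
  for (const [key, entry] of Object.entries(lock.packages)) {
    const name = packageName(key);
    if (!name || !entry.hasInstallScript) continue;
    const id = `${name}@${entry.version}`;
    if (!reviewed.has(id)) hits.push({ id, path: key });
  }
  return hits;
}

for (const h of unreviewedInstallScripts(SAMPLE_LOCK, REVIEWED)) {
  console.log(`install script not reviewed: ${h.id} (${h.path})`);
}
```

Installing with `npm ci --ignore-scripts` keeps these hooks from executing until the flagged packages have been reviewed.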

Broader Context of npm Supply Chain Attacks

This incident is part of a series of sophisticated attacks targeting the npm ecosystem:

– Shai-Hulud Worm: A self-replicating worm that compromised over 500 npm packages, injecting malicious code to spread by abusing developer credentials and npm publish workflows. ([cybersecuritynews.com](https://cybersecuritynews.com/cisa-shai-hulud-npm-attack/amp/?utm_source=openai))

– StegaBin Campaign: Utilized 26 malicious npm packages to deploy a multi-stage credential stealer, mixing typosquatting with staged delivery to run during installation and remain undetected. ([cybersecuritynews.com](https://cybersecuritynews.com/new-stegabin-campaign-uses-malicious-26-npm-packages/?utm_source=openai))

– Fake npm Install Messages: A campaign that used deceptive installation messages to hide the deployment of remote access trojans (RATs) on developer machines. ([cybersecuritynews.com](https://cybersecuritynews.com/fake-npm-install-messages-hide-rat-malware/?utm_source=openai))

Implications for Developers and Organizations

These attacks highlight the critical need for vigilance in managing dependencies within the software development lifecycle. Developers and organizations must implement robust security practices to mitigate the risks associated with malicious packages.

Recommended Mitigation Strategies

1. Verify Package Authenticity: Before installation, thoroughly check package names, maintainers, and associated metadata to ensure legitimacy.

2. Implement Automated Security Scanning: Utilize tools that can detect and alert on suspicious or malicious packages within your dependency tree.

3. Monitor for Unusual Activity: Keep an eye on network traffic and system behavior for signs of unauthorized access or data exfiltration.

4. Educate Development Teams: Provide training on the risks of typosquatting and the importance of cautious dependency management.

5. Regularly Update Dependencies: Ensure that all packages are up-to-date with the latest security patches and updates.

Conclusion

The recent wave of typosquatted npm packages stealing cloud and CI/CD secrets serves as a stark reminder of the vulnerabilities inherent in the open-source software supply chain. By adopting proactive security measures and fostering a culture of vigilance, developers and organizations can better protect themselves against such sophisticated attacks.