What is a software supply chain attack?

It's an attack that targets the development lifecycle of software. Instead of attacking a company's main network, threat actors inject malicious code into a trusted third-party component, like an open-source library. When developers include this compromised component in their applications, the malware spreads to their systems and potentially to their end-users.

What is axios and why was it targeted?

Axios is an extremely popular JavaScript library used for making HTTP requests from web browsers and Node.js applications. It's downloaded millions of times every week. Attackers target popular packages like axios because compromising them provides a distribution channel to a massive number of developers and organizations, maximizing the potential impact of their malware.

Was the legitimate axios package itself vulnerable?

No. The code of the legitimate `axios` package did not have a vulnerability. The attack succeeded because a threat actor compromised the npm account credentials of one of the project's maintainers. This allowed them to publish a new, malicious version disguised as a legitimate update.

How can I check if I was affected by this specific attack?

The malicious package was named `axios@0.21.1-fixed`. You should immediately check your project's `package-lock.json` or `yarn.lock` files for this exact version. If found, your development environment should be considered compromised. The RAT payload was often named `Microsoft.NET.Build.Tasks.dll`, so searching for this file on your system is also recommended.

What is a Remote Access Trojan (RAT)?

A Remote Access Trojan (RAT) is a type of malware that gives an attacker complete administrative control over an infected computer. Once installed, the attacker can execute commands, steal files and credentials, log keystrokes, take screenshots, and use the compromised machine to launch further attacks.

Hackers hijack Axios npm package to spread RATs

An attack on the foundation of modern development

In a stark reminder of the fragility of the software supply chain, threat actors successfully compromised a maintainer’s account for the hugely popular npm package, `axios`. This allowed them to publish a malicious version laced with a Remote Access Trojan (RAT), directly threatening any developer who installed the tainted update. The incident, uncovered by researchers at Checkmarx, underscores a dangerous and growing trend where attackers target the foundational open-source components that power millions of applications worldwide.

Axios is a promise-based HTTP client for JavaScript, a go-to library for developers needing to fetch data from APIs in both front-end and back-end applications. With millions of weekly downloads, its ubiquity makes it a high-value target. By poisoning this well, attackers aimed to infect not just individual developers, but to gain a foothold inside corporate development environments, opening the door to widespread data theft and espionage.

Technical breakdown of the Axios hijack

This was not an attack exploiting a flaw in the `axios` code itself. Instead, it was a classic account takeover. According to a detailed report from Checkmarx, threat actors gained access to an `axios` maintainer’s npm account, likely through phishing or credential stuffing. Once in control, they published a new version of the package on October 16, 2023, named axios@0.21.1-fixed.

The version name was a deliberate and cunning choice. By appending "-fixed," the attackers made it appear as a legitimate hotfix for version 0.21.1, increasing the likelihood that developers or automated systems would install it without suspicion. The attack followed a clear, multi-stage infection chain:

Installation: A developer, either manually or through their project’s dependency rules, installs the malicious axios@0.21.1-fixed package.
Execution: The package contained an obfuscated JavaScript file, dist/axios.js. When a project using this package was built or run, this script would execute.
Payload Delivery: The obfuscated script was designed to download and run a malicious executable file. This payload was the final stage of the attack: a Remote Access Trojan specifically targeting Windows systems.

The RAT masqueraded as a legitimate system file, often dropped with a name like Microsoft.NET.Build.Tasks.dll, to avoid detection. Once active, it established persistence on the infected machine by creating scheduled tasks or modifying registry keys. This ensured the malware would run automatically every time the system started. A RAT grants an attacker near-total control over a victim’s machine, enabling them to exfiltrate files, log keystrokes, capture screenshots, and execute arbitrary commands.

Fortunately, Checkmarx researchers detected the malicious package on October 17, just a day after its publication. They promptly alerted the npm security team, who removed the package from the registry and secured the compromised maintainer account. While the window of exposure was short, the potential for damage was immense.

The blast radius: Assessing the impact

The primary victims of this attack were developers and organizations who downloaded the malicious package during its brief availability. Any developer machine that installed axios@0.21.1-fixed must be considered fully compromised.

The severity of the impact is high for several reasons:

Data Exfiltration: Developer machines are treasure troves of sensitive information, including source code, API keys, private credentials, and internal network access. The RAT could have silently exfiltrated this data to attacker-controlled servers.
Lateral Movement: A compromised developer machine provides a perfect launchpad for attackers to move laterally within a corporate network, potentially compromising servers, databases, and other critical infrastructure.
Code Injection: Attackers could use their access to inject further malicious code into the company’s proprietary applications, turning them into distribution vehicles for more malware.

While the quick takedown limited the number of actual infections, the incident erodes trust in the open-source ecosystem. It demonstrates that even the most widely used and trusted packages are only as secure as the credentials of their maintainers.

A pattern of abuse in the open-source ecosystem

The `axios` incident is not an isolated event but part of a disturbing pattern of attacks targeting open-source package registries like npm and PyPI. Attackers have refined several techniques, including typo-squatting (publishing packages with names similar to popular ones) and dependency confusion (tricking build tools into pulling a malicious public package instead of a private internal one).

Account takeovers, as seen here, are particularly damaging. Similar incidents have plagued other popular packages. In 2021, the UAParser.js package was hijacked to distribute password stealers and crypto-miners. In 2022, the coa and rc packages were compromised in a similar fashion. These events have spurred calls from across the industry for package registries to enforce stronger security standards, most notably mandatory multi-factor authentication (MFA) for all package publishers.

How to protect your development pipeline

Securing the software supply chain requires a multi-layered defense. Developers, security teams, and open-source maintainers all have a role to play.

For Developers and Organizations:

Pin Your Dependencies: Use lockfiles (package-lock.json, yarn.lock) to pin the exact versions of your dependencies. This prevents your build from automatically pulling in a new, potentially malicious patch or minor version.
Audit Dependencies: Regularly run security audits on your projects using tools like npm audit. Integrate automated Software Composition Analysis (SCA) tools into your CI/CD pipeline to scan for known vulnerabilities and malicious packages.
Vet New Packages: Before adding a new dependency, scrutinize it. Check its download history, the maintainer's activity, and look for any red flags like an unusually-named version.
Monitor Network Traffic: Monitor outbound connections from developer workstations and build servers. A sudden connection to an unknown IP address could be a sign of a RAT calling home. Using a secure VPN service can also add a layer of encryption and privacy to network connections, especially for remote teams.

For Open-Source Maintainers:

Enable Multi-Factor Authentication (MFA): This is the single most effective defense against account takeover. Platforms like npm and GitHub strongly encourage or require MFA for publishers. If you maintain a package, enable it immediately.
Use Strong, Unique Passwords: Avoid password reuse across different services. Use a password manager to generate and store complex credentials.
Limit Publishing Rights: Apply the principle of least privilege. Only a small, trusted group of maintainers should have the permissions to publish new versions of a package.

The `axios` hijacking serves as a critical lesson. The convenience and power of open-source software come with inherent risks. As attackers increasingly focus on the supply chain, developers and organizations must shift from a mindset of implicit trust to one of active verification. Vigilance, combined with modern security tooling and best practices, is the only effective defense against the next poisoned package.