Overview of the recent Axios NPM supply chain incident including details of the payloads delivered from actor-controlled infrastructure.
# Incident Report: Axios NPM Supply Chain Incident
## Executive Summary
On March 31, 2026, the widely used Axios JavaScript HTTP client was targeted in a supply chain attack in which malicious code was injected into versions 1.14.1 and 0.30.4. The compromised releases pulled in a new dependency, `plain-crypto-js`, whose install script delivered platform-specific Remote Access Trojans (RATs) to Linux, macOS and Windows systems. Although the malicious versions were available for only about three hours, Axios is downloaded roughly 100 million times a week, so even that short window presents a significant risk of credential theft and long-term unauthorized access for anyone who installed during it.
## Incident Details
- **Discovery Date:** March 31, 2026
- **Incident Date:** March 31, 2026
- **Affected Organization:** Users of the Axios NPM package
- **Sector:** Technology / Software Development (Supply Chain)
- **Geography:** Global
## Timeline of Events
### Initial Access
- **Date/Time:** March 31, 2026 (Duration: ~3 hours)
- **Vector:** Supply Chain Compromise / Repository Injection
- **Details:** Threat actors gained unauthorized publishing access to the Axios package on the NPM registry and published two malicious versions (v1.14.1 and v0.30.4).
### Lateral Movement
- **Details:** Once the RAT was running, the actors' objective was to harvest credentials that would enable lateral movement within the compromised environment and into downstream applications.
### Data Exfiltration/Impact
- **Details:** The primary impact involved the exfiltration of credentials and the establishment of remote management capabilities (RAT) on affected endpoints.
### Detection & Response
- **How it was discovered:** Investigated by Cisco Talos after the malicious versions were published.
- **Response actions taken:** The malicious versions were removed from the registry, and security advisories instructed users to roll back to version 1.14.0 or 0.30.3.
## Attack Methodology
- **Initial Access:** NPM registry poisoning (Supply Chain Attack).
- **Persistence:** A fake runtime dependency (`plain-crypto-js`) whose `postinstall` lifecycle script runs automatically during `npm install`, so the payload executes on the developer machine or build agent before any application code is loaded.
- **Privilege Escalation:** Not explicitly detailed; the payloads were launched through OS-native shells (zsh, PowerShell) and ran with the privileges of the user performing the install, which on developer workstations and CI runners is usually enough to reach the credentials the actors were after.
- **Defense Evasion:** On Windows, the PowerShell executable was copied to `%PROGRAMDATA%\wt.exe` (a filename that normally belongs to Windows Terminal) and launched with a hidden window and the execution policy bypassed (PowerShell's `-WindowStyle Hidden` and `-ExecutionPolicy Bypass` switches), so the activity does not show up as `powershell.exe` in process listings.
- **Credential Access:** Exfiltration of credentials present on the infected systems.
- **Discovery:** The installer stage fingerprinted the operating system in order to fetch the matching platform-specific payload.
- **Lateral Movement:** Leveraged compromised credentials for follow-on attacks.
- **Collection:** Gathering of OS info and user credentials.
- **Exfiltration:** Data sent to actor-controlled IP 142[.]11[.]206[.]73.
- **Impact:** Installation of a Remote Access Trojan (RAT) for persistent control.
## Impact Assessment
- **Financial:** High potential loss due to rapid weaponization of credentials for financial gain.
- **Data Breach:** Compromise of system credentials and environment variables.
- **Operational:** Widespread requirement for developers to roll back versions and rotate all secrets/credentials.
- **Reputational:** Significant impact on the trust of the Axios library and broader NPM ecosystem.
## Indicators of Compromise
- **Network indicators:**
- 142[.]11[.]206[.]73
- sfrclak[.]com
- **File indicators (SHA256):**
- `setup.js`: e10b1fa84f1d6481625f741b69892780140d4e0e7769e7491e5f4d894c2e0e09
- `Linux payload`: fcb81618bb15edfdedfb638b4c08a2af9cac9ecfa551af135a8402bf980375cf
- `Windows payload`: 617b67a8e1210e4fc87c92d1d1da45a2f311c08d26e89b12307cf583c900d101
- `MacOS payload`: 92ff08773995ebc8d55ec4b8e1a225d0d1e51efa4ef88b8849d0071230c9645a
- **Behavioral indicators:** `wt.exe` executing from `%PROGRAMDATA%` (the genuine Windows Terminal launcher is an app execution alias under `%LOCALAPPDATA%\Microsoft\WindowsApps`, not `%PROGRAMDATA%`); unexpected network traffic from `node`/`npm` processes to unknown hosts while `postinstall` scripts run during package installation, in particular to the IP and domain listed above.
## Response Actions
- **Containment:** Removal of malicious versions from the NPM registry.
- **Eradication:** Roll back to Axios v1.14.0 or v0.30.3, remove the malicious versions and `plain-crypto-js` from lockfiles and `node_modules`, and reinstall from the clean lockfile. A version rollback only removes the dropper: a RAT that already ran on a host is not uninstalled by npm, so any host that installed the malicious versions must be treated as compromised and remediated or rebuilt through endpoint response.
- **Recovery:** Mandatory rotation of all credentials (keys, passwords, tokens, and secrets held in environment variables) present on any system that installed the infected versions, including CI runners and build agents.
## Lessons Learned
- **Key takeaways:** Popular libraries remain primary targets for high-reach supply chain attacks. npm `postinstall` scripts run arbitrary code at install time with the installing user's privileges, and they continue to be a major blind spot for automated security tools.
- **What could have been done better:** Stronger multi-factor authentication for package maintainers, and automated scanning of install lifecycle hooks (`preinstall`, `install`, `postinstall`) for suspicious network activity before a package reaches a build.
## Recommendations
- **Prevention:** Pin dependencies with a lockfile and install with `npm ci` so that only locked versions are installed; audit third-party dependencies. Run `npm audit`, keeping in mind that it only flags versions with a published advisory, so it helps with clean-up rather than with the initial window before the advisory exists. Set `ignore-scripts=true` in `.npmrc` (or pass `--ignore-scripts`) for CI and production builds so install hooks do not run automatically, re-enabling them explicitly only for the few packages that genuinely need them.