North Korean Threat Actor Compromises Axios npm Packages in Supply Chain Attack
On March 31, 2026, Microsoft uncovered a supply chain compromise involving two malicious versions of the widely used JavaScript HTTP client, Axios (1.14.1 and 0.30.4). The attack, attributed to North Korean state-backed threat actor Sapphire Sleet, introduced a hidden dependency plain-crypto-js@4.2.1 that executed silently during npm installation via lifecycle hooks.
The malicious dependency did not alter Axios’s core functionality but instead contacted attacker-controlled command-and-control (C2) infrastructure (hxxp://sfrclak[.]com:8000/6202033, hosted on IP 142.11.206[.]73) to deploy a second-stage remote access trojan (RAT). The attack targeted developer workstations, CI/CD pipelines, and production systems, leveraging Axios’s broad adoption to maximize impact.
Attack Mechanics
To evade detection, the threat actor first released a benign version (plain-crypto-js@4.2.0) before publishing the malicious 4.2.1, which included an install-time script (setup.js) and a decoy manifest. The compromised Axios versions bypassed standard CI-backed publishing processes, adding the rogue dependency without triggering alarms.
During installation, the post-install hook executed setup.js, which:
- Fingerprinted the platform (Windows, macOS, or Linux) via encoded POST requests.
- Downloaded tailored payloads from the C2, including:
  - macOS: A native binary (com.apple.act.mond) dropped in /Library/Caches, executed via zsh.
  - Windows: A PowerShell RAT (6202033.ps1) persisted via a hidden Run registry key, masquerading as wt.exe.
  - Linux: A Python-based RAT (ld.py) executed with nohup to suppress output.
- Self-cleaned by deleting its loader and replacing it with a sanitized manifest to minimize forensic traces.
Attribution & Impact
Microsoft Threat Intelligence linked the infrastructure and tactics to Sapphire Sleet, a North Korean group known for financially motivated operations targeting the cryptocurrency and fintech sectors. The attack exploited npm’s auto-update mechanisms, allowing the malware to spread undetected across environments where Axios was a dependency.
Mitigation & Response
Microsoft Defender detected the activity and deployed protections to block the malicious components. Recommended actions included:
- Rotating exposed secrets and downgrading to safe Axios versions (1.14.0 or 0.30.3).
- Removing malicious artifacts and reinstalling clean packages.
- Hardening npm usage by disabling auto-upgrades, pinning exact versions, and restricting dependency bots.
- Monitoring for outbound connections to sfrclak[.]com or 142.11.206[.]73:8000.
- Adopting Trusted Publishing with OIDC to reduce account takeover risks.
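As an added example (not code from the report, Microsoft, or the Axios project), the check below scans an npm lockfile for the Axios and plain-crypto-js versions named above and lists the install-time lifecycle hooks a package manifest declares, which is where the attack gained execution; the lockfile and manifest it reads are constructed samples, and `auditLockfile` and `installScripts` are hypothetical helper names.

```javascript
// Added example, not from the original report: audit an npm lockfile for the
// compromised Axios releases / rogue plain-crypto-js and list install-time hooks.
// Names and versions come from the report; the lockfile and manifest are constructed.
const COMPROMISED = new Map([
  ["axios", new Set(["1.14.1", "0.30.4"])],
  ["plain-crypto-js", new Set(["4.2.1"])],
]);
// npm lifecycle hooks that run automatically during `npm install`.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Walk a lockfile v2/v3 "packages" map (keys like "node_modules/axios" or
// "node_modules/axios/node_modules/plain-crypto-js"). Flag a package when its
// version is on the compromised list, or when npm recorded an install script for it.
function auditLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // root project entry, not a dependency
    const name = path.slice(path.lastIndexOf("node_modules/") + "node_modules/".length);
    const known = COMPROMISED.get(name);
    if (known && known.has(entry.version)) {
      findings.push({ name, version: entry.version, path, reason: "compromised-version" });
    } else if (entry.hasInstallScript) {
      findings.push({ name, version: entry.version, path, reason: "install-script" });
    }
  }
  return findings;
}

// Return the install-time scripts a package manifest declares; these execute
// during installation unless `ignore-scripts` is enabled in .npmrc.
function installScripts(manifest) {
  const scripts = manifest.scripts || {};
  return INSTALL_HOOKS.filter((h) => h in scripts).map((h) => ({ hook: h, cmd: scripts[h] }));
}

// Constructed sample lockfile: the project pulled in axios 1.14.1, which pulled in
// plain-crypto-js 4.2.1 (npm marks packages that declare install scripts with hasInstallScript).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { axios: "^1.14.0" } },
    "node_modules/axios": { version: "1.14.1", dependencies: { "plain-crypto-js": "4.2.1" } },
    "node_modules/axios/node_modules/plain-crypto-js": { version: "4.2.1", hasInstallScript: true },
    "node_modules/follow-redirects": { version: "1.15.6" },
  },
};
// Constructed manifest shaped like the report's description (post-install hook
// running a loader script); no malicious code is reproduced here.
const SAMPLE_MANIFEST = { name: "plain-crypto-js", version: "4.2.1", scripts: { postinstall: "node setup.js" } };
console.log(auditLockfile(SAMPLE_LOCK), installScripts(SAMPLE_MANIFEST));
```

Running it against a real package-lock.json (`JSON.parse(fs.readFileSync("package-lock.json"))`) gives a quick pre-install gate in CI; pairing it with `ignore-scripts=true` and `save-exact=true` in .npmrc covers the pinning and auto-upgrade points above.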
The incident highlights the risks of supply chain attacks, where a single compromised dependency can serve as a cross-platform malware delivery vector.
Source: https://gbhackers.com/axios-npm-supply-chain/