Tuesday, March 31, 2026


DIGITAL LIFE


Supply chain attack compromises Axios and installs Trojan on Windows, macOS, and Linux

The popular Axios library, used in countless JavaScript projects to make HTTP requests, suffered a supply chain attack that compromised two specific versions published in the NPM registry. StepSecurity investigators identified versions 1.14.1 and 0.30.4 as malicious, published in the early morning of March 31, 2026. The packages injected a fake dependency that executes an installation script capable of installing a remote access trojan on developer machines.

One of the most popular HTTP clients in the JavaScript ecosystem, Axios, was the target of a supply chain attack after two versions of the package published on npm introduced a malicious dependency capable of installing a trojan on Windows, macOS, and Linux systems.

The affected versions, 1.14.1 and 0.30.4, included the fake dependency “plain-crypto-js” in version 4.2.1. According to the security company StepSecurity, these versions were published using compromised credentials of the main maintainer of Axios.

The malicious package was designed exclusively to execute a post-installation script that acts as a “dropper” – an initial installer – of a cross-platform remote access trojan (RAT). This code connects to a command and control (C2) server, downloads additional payloads specific to each operating system, and, after execution, erases its own traces to make forensic detection difficult.

According to researchers, the attack was not opportunistic. The malicious dependency was prepared in advance, with three distinct payloads developed for different operating systems. The two compromised versions of Axios were published only 39 minutes apart, in a coordinated and planned operation to maximize reach before detection.

Axios is one of the most widely used packages in the JavaScript ecosystem, with over 83 million weekly downloads, and is widely employed in front-end applications, back-end services, and enterprise systems.

The incident exposed the vast development ecosystem that depends on the library, one of the most downloaded on the platform with over 100 million weekly downloads. The attackers did not alter the core Axios code, but added a hidden dependency called plain-crypto-js@4.2.1. This dependency automatically activated when running npm install, installing specific payloads for Windows, macOS, and Linux.

How the maintainer account was compromised

Those responsible for the attack gained access to the NPM account of the project's main maintainer, identified as jasonsaayman. They changed the associated email address to ifstap@proton.me and manually published the compromised versions, bypassing the repository's automated continuous integration flows on GitHub. The first malicious version, axios@1.14.1, was released around 00:21 UTC, followed by axios@0.30.4 approximately 39 minutes later.

This approach allowed the packages to be made available without triggering signature checks or the usual CI/CD processes. The Axios maintainers reacted quickly after the discovery, and NPM removed both versions within a few hours, limiting the exposure time to about two to three hours.

The fake dependency plain-crypto-js@4.2.1 was not imported at any point in the original Axios code, serving exclusively to execute a postinstall script. The script acted as a remote access Trojan dropper, establishing contact with a command and control server to download additional payloads tailored to each operating system.

Obfuscation techniques were employed to hinder immediate analysis, with commands decoded at runtime. After successful installation, the malware removed its own traces, replacing the package.json file with a clean version to avoid detection in subsequent inspections of the node_modules folder.

Indicators that an environment picked up the compromised releases include:

- Checking the installed version with the command `npm list axios` and looking for 1.14.1 or 0.30.4
- The presence of the `node_modules/plain-crypto-js` folder as an indicator of compromise
- Artifacts such as the temporary file `/tmp/ld.py` or equivalents on other systems

Recommended mitigation measures for developers

Developers who have installed versions 1.14.1 or 0.30.4 should consider their environment compromised and act immediately. The main recommendation is to revert to the previous secure versions: axios@1.14.0 on the current line or axios@0.30.3 on the legacy line.

It is essential to remove the fake dependency, perform a clean installation with the `--ignore-scripts` flag, and rotate all sensitive credentials, including NPM tokens, SSH keys, cloud service access, and environment variables. In continuous integration pipelines, making `--ignore-scripts` the default for every install helps prevent unwanted automatic execution of post-installation scripts.

Axios is among the most widely used libraries in the Node.js ecosystem and in front-end applications, being a direct or indirect dependency of numerous corporate and open-source projects. The attack highlights the inherent vulnerability of individual maintainer accounts in highly popular packages, even when the core code remains intact.

Security experts note that the method employed demonstrates operational sophistication, with prior preparation of the fake dependency in a clean version before injecting the malicious payload. This strategy complicated initial automatic detections and increased the risk during the short period that the versions were available.

Guidelines for checking and cleaning affected environments

Development teams need to audit installation logs and package history to identify whether the malicious versions were downloaded. The presence of the plain-crypto-js folder in node_modules is a strong indicator that the dropper was executed, regardless of any subsequent file removal.

After the cleanup, a full scan of the systems with threat detection tools and monitoring of network connections to addresses associated with the control server is recommended. Immediate updating of security policies in private repositories also helps to reduce similar risks in other packages.

Prevention of future attacks on package registries

The incident reinforces the importance of measures such as rigorous multi-factor authentication on publishing accounts, continuous monitoring of changes in package metadata, and the adoption of more robust integrity checks. Open source projects with wide adoption may consider additional review processes before new releases.

Individual developers and companies should prioritize pinning known secure versions in project configuration files, avoiding the automatic installation of updates without prior validation. These practices help limit the attack surface in software supply chains.

The security community continues to monitor the case to map potential victims and refine detection tools. To date, there are no public reports of large-scale exploitation, but the unanimous recommendation is to treat any installation of the affected versions as a total compromise of the system involved.

mundophone
