Rewterz
April 1, 2026

North Korean UNC1069 Targets Axios in Major npm Supply Chain Attack – Active IOCs

Severity

High

Analysis Summary

A supply chain compromise targeting the widely used Axios npm package has been attributed by a security team to a financially motivated North Korean threat cluster known as UNC1069. The attackers reportedly gained control of the package maintainer’s npm account and published two malicious versions (1.14.1 and 0.30.4), each embedding a harmful dependency called “plain-crypto-js.”

Rather than modifying the Axios code itself, the attackers took the stealthier route of inserting a postinstall script into the dependency’s package.json file. This allowed malicious code to execute automatically during installation without raising immediate suspicion. The dependency acted as a delivery mechanism for an obfuscated JavaScript dropper named SILKBELL, which fetched platform-specific payloads depending on the victim’s operating system.

The attack targeted Windows, macOS, and Linux systems. On Windows, it deployed PowerShell-based malware; on macOS, a C++ Mach-O binary; and on Linux, a Python backdoor. After execution, the dropper removed traces of itself and replaced the malicious package configuration with a clean version to evade detection.

The delivered backdoor, WAVESHAPER.V2, is an evolved variant of a previously known UNC1069 tool. It communicates with command-and-control (C2) servers every 60 seconds and supports commands such as terminating processes, listing directories, executing scripts, and injecting arbitrary binaries. Compared to its predecessor, it uses JSON-based communication and gathers more system data while maintaining similar behavioral traits.

This campaign highlights UNC1069’s continued focus on supply chain attacks, historically linked to cryptocurrency theft. Researchers believe the operation was highly coordinated, with rapid deployment across multiple package versions and built-in anti-forensics mechanisms.

Mitigation measures include auditing dependencies for compromised versions, pinning Axios to safe releases, removing the malicious package, blocking associated C2 infrastructure, isolating infected systems, and rotating credentials. Experts warn that this incident represents a broader, scalable attack model, urging organizations to secure all software supply chains and treat potentially exposed secrets as compromised.
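The postinstall delivery described above leaves two traces a defender can check for in an npm lockfile: the named compromised versions and the lockfile’s record that a package declares install scripts. The following Node script is an added example (not code from the advisory or from any vendor); it audits a lockfile v2/v3 "packages" map for the Axios versions and dependency name given in this advisory and for any package with install-time scripts. The sample lockfile, including the plain-crypto-js version shown, is constructed for the example.

```javascript
// Added example (not from the advisory): audit an npm lockfile (v2/v3 "packages" map)
// for the tampered axios releases, the plain-crypto-js dependency, and any package whose
// install scripts would run automatically at `npm install` time.
const COMPROMISED = {
  axios: new Set(["1.14.1", "0.30.4"]), // versions named in the advisory
  "plain-crypto-js": null,               // any version of this dependency is suspect
};

// Lockfile keys look like "node_modules/axios" or "node_modules/a/node_modules/@s/b";
// the package name is whatever follows the last "node_modules/" segment.
function packageName(lockPath) {
  return lockPath.slice(lockPath.lastIndexOf("node_modules/") + "node_modules/".length);
}

function auditLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // "" is the root project itself
    const name = packageName(path);
    const versions = COMPROMISED[name];
    if (versions === null || (versions && versions.has(entry.version))) {
      findings.push({ name, version: entry.version, reason: "known-compromised" });
    }
    // npm sets hasInstallScript when a package declares preinstall/install/postinstall.
    if (entry.hasInstallScript) {
      findings.push({ name, version: entry.version, reason: "install-script" });
    }
  }
  return findings;
}

// Constructed sample lockfile: one tampered axios, the malicious dependency, one benign package.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { axios: "^1.14.1" } },
    "node_modules/axios": { version: "1.14.1", dependencies: { "plain-crypto-js": "*" } },
    "node_modules/plain-crypto-js": { version: "1.0.0", hasInstallScript: true },
    "node_modules/lodash": { version: "4.17.21" },
  },
};

for (const f of auditLockfile(SAMPLE_LOCK)) {
  console.log(`${f.reason}: ${f.name}@${f.version}`);
}
```

To run it against a real project, replace SAMPLE_LOCK with `JSON.parse(fs.readFileSync("package-lock.json"))`; an "install-script" finding is not proof of compromise but marks the packages worth reading before the next install.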

Impact

  • Unauthorized Access
  • Lateral Movement
  • Operational Disruption
  • Credential Theft

Indicators of Compromise

Domain Name

  • sfrclak.com

IP

  • 142.11.206.73
  • 23.254.167.216

URL

  • http://sfrclak.com/

Remediation

  • Audit the dependency tree to identify and remove the compromised Axios versions (1.14.1, 0.30.4) and eliminate the malicious code
  • Pin Axios to a known safe version in package-lock.json to prevent accidental upgrades to tampered releases
  • Search for and delete the “plain-crypto-js” package in node_modules to remove the malicious dependency
  • Terminate suspicious processes related to SILKBELL or WAVESHAPER to stop active infections
  • Block known C2 infrastructure (domain and IP) to prevent further attacker communication
  • Isolate affected systems from the network to contain potential lateral movement
  • Rotate all credentials (API keys, tokens, passwords) that may have been exposed during compromise
  • Rebuild systems or containers from clean sources to ensure complete removal of persistence mechanisms
  • Monitor network traffic for unusual beaconing patterns (e.g., 60-second intervals) to detect infections
  • Implement strict access controls and enable MFA on npm and developer accounts to prevent account takeovers
  • Verify the integrity of all dependencies across package managers (npm, PyPI, NuGet) to detect broader supply chain risks
  • Enhance logging and endpoint detection to identify similar postinstall or script-based execution behavior
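The beaconing check recommended above can be implemented directly over proxy or firewall logs: group outbound connections by source and destination, then look for gaps that cluster around the 60-second check-in interval the advisory attributes to WAVESHAPER.V2. The script below is an added example, not code from the advisory; the log line format and the internal source addresses are constructed for it, while the destination IP is the one listed in this advisory.

```javascript
// Added example (not from the advisory): flag (src, dst) pairs whose outbound connections
// recur at a near-constant interval, e.g. the 60-second C2 check-in described above.
// Log format "<iso-timestamp> <src> -> <dst>:<port>" and the 10.0.0.x hosts are constructed.
const SAMPLE_LOG = [
  "2026-03-31T10:00:00Z 10.0.0.5 -> 142.11.206.73:80",
  "2026-03-31T10:01:00Z 10.0.0.5 -> 142.11.206.73:80",
  "2026-03-31T10:00:30Z 10.0.0.7 -> 93.184.216.34:443",
  "2026-03-31T10:02:01Z 10.0.0.5 -> 142.11.206.73:80",
  "2026-03-31T10:03:00Z 10.0.0.5 -> 142.11.206.73:80",
  "2026-03-31T10:03:59Z 10.0.0.5 -> 142.11.206.73:80",
  "2026-03-31T10:04:10Z 10.0.0.7 -> 93.184.216.34:443",
  "2026-03-31T10:15:00Z 10.0.0.7 -> 93.184.216.34:443",
];

// Parse one log line into { ts (epoch seconds), src, dst }, or null if it does not match.
function parseLine(line) {
  const m = /^(\S+) (\S+) -> (\S+):\d+$/.exec(line);
  return m ? { ts: Date.parse(m[1]) / 1000, src: m[2], dst: m[3] } : null;
}

// Return pairs with at least `minHits` connections whose gaps sit within `jitter`
// seconds of `period` for 80% or more of the observed gaps.
function findBeacons(lines, { period = 60, jitter = 5, minHits = 4 } = {}) {
  const byPair = new Map();
  for (const line of lines) {
    const rec = parseLine(line);
    if (!rec) continue;
    const key = `${rec.src} -> ${rec.dst}`;
    if (!byPair.has(key)) byPair.set(key, []);
    byPair.get(key).push(rec.ts);
  }
  const beacons = [];
  for (const [pair, times] of byPair) {
    if (times.length < minHits) continue;
    times.sort((a, b) => a - b);
    const gaps = times.slice(1).map((t, i) => t - times[i]); // inter-connection intervals
    const periodic = gaps.filter((g) => Math.abs(g - period) <= jitter).length;
    if (periodic / gaps.length >= 0.8) {
      const meanGap = gaps.reduce((a, b) => a + b, 0) / gaps.length;
      beacons.push({ pair, hits: times.length, meanGap });
    }
  }
  return beacons;
}

for (const b of findBeacons(SAMPLE_LOG)) {
  console.log(`beacon-like: ${b.pair} (${b.hits} connections, mean gap ${b.meanGap.toFixed(1)}s)`);
}
```

Real C2 traffic often adds jitter, so widen `jitter` and raise `minHits` when running this over hours of logs; the 80% threshold keeps a single delayed check-in from hiding an otherwise regular pattern.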