A major software supply chain attack has impacted the JavaScript ecosystem after threat actors compromised the widely used Axios NPM package. The malicious releases silently introduced a dependency that deployed a cross-platform backdoor affecting Windows, macOS, and Linux systems.
The incident highlights the growing risks associated with open-source dependencies and how routine package installations can become entry points for large-scale compromises.
Compromised Axios Versions Spread Malicious Dependency
The attack targeted two specific Axios versions, which pulled in a malicious dependency that delivered the WAVESHAPER.V2 backdoor during installation. Because Axios is commonly used for handling HTTP requests in JavaScript applications, the potential impact spans developer environments, CI/CD pipelines, and production workloads.
Researchers linked the activity to UNC1069, a financially motivated group believed to have compromised the maintainer account and modified the package configuration. The attackers added a dependency whose post-install hook ran automatically, so the malware executed without any user interaction.
This is what made the attack so dangerous: npm runs a dependency's lifecycle scripts during installation by default, so a plain npm install was enough to trigger the infection in the background. Installs that disable lifecycle scripts (npm's ignore-scripts setting) would not have run the hook, although they would still have placed the malicious package on disk.
Cross-Platform Infection Through Post-Install Script
The infection chain relied on an obfuscated JavaScript dropper identified as setup.js, also tracked as SILKBELL. Once executed, the script detected the host operating system and deployed platform-specific payloads.
On Windows systems, the script located PowerShell, copied the binary to a different location, and downloaded an additional stage using curl. The payload was launched silently with an execution policy bypass option so that it would run regardless of the host's PowerShell script policy. Execution policy is not a security boundary, so this step should not be mistaken for an exploit; it simply removes a default friction point.
On macOS, the dropper used bash and curl to download a Mach-O binary into a system cache directory. It then modified file permissions and launched the payload through zsh.
Linux systems received a Python-based backdoor placed in a temporary directory. Each variant aimed to establish persistence and maintain remote control over the infected host.
WAVESHAPER.V2 Backdoor Capabilities
The final payload, WAVESHAPER.V2, communicated with its command-and-control server at regular intervals using encoded JSON over port 8000.
Once active, the backdoor allowed attackers to:
- Collect system and environment information
- List files and directories
- Execute commands remotely
- Deploy additional payloads
- Maintain persistent access
On Windows, the malware also established persistence through a hidden startup (autorun) registry entry named MicrosoftUpdate, so the backdoor ran again at every user logon. Investigators triaging Windows hosts should look for an autorun entry with that name rather than relying only on file-system indicators, since the dropper cleans up after itself.
Anti-Forensic Techniques Used in the Attack
The dropper attempted to hide its activity by deleting itself after execution and restoring the configuration files it had altered. These anti-forensic measures were designed to make incident response and investigation more difficult.
Because the malicious dependency executed during installation and then removed its own traces, many affected systems may show no obvious signs of compromise, which increases the risk that persistence goes undetected. The surviving evidence is more likely to be found in install logs, process telemetry, and the persistence mechanisms described above than in the node_modules tree itself.
Security Recommendations for Developers and Organizations
Organizations should take immediate action to reduce exposure and contain potential compromise:
- Avoid the affected Axios versions and pin a known-clean release in both package.json and the lockfile
- Inspect lockfiles for dependencies that Axios does not normally declare, and for any package that carries an install script
- Treat any system that installed the malicious versions, including developer workstations and CI runners, as compromised
- Rebuild affected hosts or restore from clean backups
- Rotate credentials, API keys, and tokens that were present on or reachable from those hosts
- Pause CI/CD pipelines until validation is complete
- Clear package manager caches so the malicious tarballs cannot be reinstalled from a local copy
- Monitor for unusual Node.js child processes, such as node spawning PowerShell, curl, bash, or Python during an install
- Block communication with known malicious infrastructure
Supply Chain Security Risks Continue to Grow
This incident demonstrates how attackers are increasingly targeting trusted open-source packages. By compromising a widely used dependency, threat actors can move from a routine software update to full cross-platform compromise.
Since Axios is deeply embedded in many dependency trees, organizations must evaluate both direct and indirect exposure. Security teams should also validate adjacent systems where malicious dependencies may have propagated.
The attack underscores a critical lesson for modern development environments: package installation is no longer a low-risk operation. Continuous dependency monitoring, version pinning, and rapid containment are now essential to defending against software supply chain threats.