On March 31, 2026, the axios npm package — with over 100 million weekly downloads — was compromised in a sophisticated supply chain attack attributed to a North Korea-linked threat group (UNC1069). Two versions were affected: axios@1.8.4 and axios@0.30.0. Both have been removed from npm.
What Happened
The attackers gained maintainer access to the axios npm account and published two poisoned versions containing a phantom dependency called plain-crypto-js. The malicious postinstall hook fired the SILKBELL dropper, which downloaded the WAVESHAPER.V2 remote access trojan from sfrclak.com (IP: 142.11.206.73:8000).
Are You Affected?
Safe versions: axios@1.8.3 and axios@0.30.3
Compromised versions (removed from npm): axios@1.8.4 and axios@0.30.0
Check your lockfile history: git log -p -- package-lock.json | grep plain-crypto-js
If this returns any output, the dropper ran on your machine. Check for RAT artifacts:
- macOS: /Library/Caches/com.apple.act.mond
- Linux: /tmp/ld.py
- Windows: %PROGRAMDATA%\wt.exe
Immediate Remediation
1. Downgrade immediately to axios@1.8.3 or axios@0.30.3
2. Block C2 communication: block sfrclak.com and 142.11.206.73:8000 at your firewall
3. If RAT artifacts are found: disconnect the machine, rotate every credential, and rebuild from a clean image
4. Rotate npm tokens as a precaution
Long-Term Hardening
Add to your .npmrc file:
- ignore-scripts=true
- save-exact=true
Run: npm config set min-release-age 3
This blocks installation of packages published fewer than 72 hours ago. In CI/CD pipelines, always use npm ci instead of npm install.
Key Takeaways
- ignore-scripts=true in .npmrc would have completely blocked this attack
- If plain-crypto-js ever appeared in your lockfile history, assume the system was compromised and rotate all credentials
- Supply chain attacks are increasing in frequency. Hardening your npm configuration is no longer optional for production environments