UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

The maintainer of the Axios npm package has confirmed that the recent supply chain compromise was the result of a highly targeted social engineering campaign run by North Korean threat actors tracked as UNC1069.
Maintainer Jason Saayman said the attackers had tailored their social engineering efforts “especially to me”, first approaching him while posing as the founder of a legitimate, well-known company.
“They made an image of the founders of the company and the company itself,” Saayman said in his post-mortem of the incident. “Then they invited me to the actual Slack workspace. This workspace was branded with the company’s CI and named in a meaningful way. The Slack [workspace] was very well thought out; they had channels where they shared LinkedIn posts.”
Later, the threat actors arranged a meeting with him on Microsoft Teams. When he joined the fake call, he was presented with a fake error message saying that “something in my system has timed out.” Once the supposed update was launched, it delivered a remote access trojan.
The access provided by the trojan allowed the attackers to steal the npm account credentials needed to publish two trojanized versions of the Axios npm package (1.14.1 and 0.30.4) that contain a malicious plugin named WAVESHAPER.V2.
“Everything fit together perfectly, looked legit, and was done to a high standard,” added Saayman.
The attack chain described by the project maintainer overlaps extensively with tradecraft attributed to UNC1069 and BlueNoroff. The campaign was documented by Huntress and Kaspersky last year; Kaspersky tracks it under the name GhostCall.
“Historically, […] these guys have gone after crypto founders, VCs, public figures,” said security researcher Taylor Monahan. “They’re social engineers and they’ve taken over their accounts and directed the next round of people. This change of direction [to OSS maintainers] is a bit concerning in my opinion.”
As preventive measures, Saayman described several changes, including resetting all devices and credentials, enabling immutable releases, adopting the OIDC flow for publishing, and updating the project’s GitHub Actions workflows to follow best practices.
The findings show how open source project maintainers are increasingly the target of sophisticated attacks, which effectively allow threat actors to target downstream users by publishing poisoned versions of popular packages.
As Axios attracts nearly 100 million weekly downloads and is widely used in the JavaScript ecosystem, the blast radius of a supply chain attack can be large, since a poisoned release spreads rapidly through both direct and transitive dependencies.
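Because a trojanized release can arrive through a transitive dependency as easily as a direct one, checking only `package.json` is not enough. The following is an added example (not code from the article or from the axios project) that flags the two affected versions named above anywhere in a parsed `package-lock.json`, including nested copies; the sample lockfile and the dependency name `some-sdk` are constructed for the demo.

```javascript
// Added example, not from the article or the axios project: flag the two
// trojanized axios versions named above anywhere in an npm lockfile,
// including transitive copies nested under other dependencies.
const COMPROMISED = { axios: new Set(['1.14.1', '0.30.4']) };

// Accepts a parsed package-lock.json (lockfileVersion 1, 2 or 3) and
// returns every installed copy whose (name, version) is on the list.
function findCompromised(lock, bad = COMPROMISED) {
  const hits = [];
  const check = (name, version, path) => {
    if (bad[name] && bad[name].has(version)) hits.push({ name, version, path });
  };
  // v2/v3: flat "packages" map keyed by install path, e.g.
  // "node_modules/foo/node_modules/axios"; the root project has key "".
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === '') continue;
    // Package name is the part after the last "node_modules/" segment
    // (13 characters), unless the entry carries an explicit name.
    check(meta.name || path.slice(path.lastIndexOf('node_modules/') + 13), meta.version, path);
  }
  // v1: nested "dependencies" tree, one level per node_modules directory.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      check(name, meta.version, path);
      walk(meta.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');
  return hits;
}

// Constructed lockfile (versions and "some-sdk" are invented for the demo):
// a direct axios not on the list, plus a transitive copy at a compromised
// version pulled in by the hypothetical dependency "some-sdk".
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/axios': { version: '1.0.0' },
    'node_modules/some-sdk': { version: '2.0.0' },
    'node_modules/some-sdk/node_modules/axios': { version: '0.30.4' },
  },
};

for (const h of findCompromised(SAMPLE_LOCK)) {
  console.log(`compromised ${h.name}@${h.version} at ${h.path}`);
}
```

To scan a real project, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` to `findCompromised` instead of `SAMPLE_LOCK`.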
“A widely used package like Axios being compromised shows how difficult it is to think about exposure in the modern JavaScript environment,” said Socket’s Ahmad Nassri. “It’s a feature of how ecosystem dependency repair works today.”