
The Axios supply chain attack used individually targeted social engineering

Axios, the widely used JavaScript HTTP client library with over 150 million weekly npm downloads, suffered a supply chain attack last week. Attackers compromised a maintainer’s account through targeted social engineering, then published version 1.7.4 laced with malware. The malicious release scraped environment variables and AWS credentials before phoning home to attacker-controlled servers. Axios maintainers detected the issue within hours, yanked the package, and published a clean 1.7.5. No evidence shows widespread exploitation, but the incident exposes how even battle-tested open-source projects remain vulnerable to human-targeted attacks.

This was no broad phishing blast. Attackers ran a tailored campaign mimicking tactics from UNC1069, a threat actor that Google Threat Analysis Group (TAG) has tracked since early 2024. UNC1069 specializes in hitting open-source developers in the cryptocurrency, AI, and web3 spaces. They scout GitHub profiles, then strike via Discord or LinkedIn with fake job offers or bug bounties purporting to come from names like Infura, Alchemy, or Chainlink. Victims are lured into running malicious code under the guise of “security audits” or “quick tasks.” In Axios’s case, the postmortem, published by the team on GitHub, details how the maintainer fell for a similar ploy: a personalized Discord message promising crypto-related work, leading to credential theft.

Step-by-Step Breakdown

The Axios postmortem, penned with input from security researcher Jason Saayman, lays it out clearly. Attackers first reconnoitred the maintainer’s public profiles. They crafted a lure referencing specific projects and tools from the target’s history: think tailored mentions of recent commits or npm packages. The hook was a “bug bounty” for a fake web3 project, delivered via Discord DM from a spoofed account.

Once engaged, the victim ran what they believed was a benign script. It installed a backdoor, likely using techniques like npm’s postinstall hooks or obfuscated loaders. This granted attackers remote access to the npm account. By October 4, 2024, they pushed axios@1.7.4. The malware hid in the package’s source, executing only in certain environments to evade scans. It exfiltrated sensitive data via HTTPS to domains like 146-70-51-113.ip.eco.dynadot.com.

Axios acted fast. Monitoring flagged anomalous publishes; the team revoked the compromised npm token, rotated all secrets, and audited recent activity. npm itself suspended the account. Compare this to the XZ Utils near-miss in 2024, where a single maintainer nearly backdoored Linux distributions over two years. Axios’s quick revert limited the fallout, but 1.7.4 was available briefly before takedown, enough time for mirrors or cached installs to spread it.

Why This Exposes Broader Risks

Open-source supply chains power modern software: 80% of apps use third-party components, per Sonatype’s 2024 report. Maintainer compromise sidesteps code review, signatures, and scanners. Axios has 2.5 million dependent projects on GitHub; a persistent backdoor could cascade into enterprise apps, CI/CD pipelines, and cloud infrastructure.

UNC1069 isn’t alone. Supply chain attacks jumped 742% year-over-year in 2023, says Endor Labs. State actors like Russia’s Midnight Blizzard hit SolarWinds; North Korea’s Lazarus eyes crypto devs. Individuals maintain 90% of top npm packages, per GitHub data: juicy targets with minimal defenses.

To its credit, Axios followed best practices: a multi-maintainer model, 2FA (though the attackers phished around it), and vigilant monitoring. But social engineering exploits trust, not tech. Why it matters: developers must treat Discord/LinkedIn DMs from strangers as red flags. Projects need automated anomaly detection, like npm’s recent publish locks or Sigstore’s signing. Users should pin versions, audit dependencies with tools like Socket or Dependabot, and adopt the SLSA framework for provenance.

Bottom line: no package is safe. Axios dodged a bullet, but the next target might not. Shift from “trust but verify” to “verify everything.” Maintainers, enable npm’s scoped access tokens. Teams, build supply chain security into your stack now, before UNC1069 knocks on your door.

April 3, 2026 · Source: Simon Willison