“`html

Experts caution that at least 187 code packages made accessible via the JavaScript repository NPM have been compromised by a self-replicating worm that pilfers credentials from developers and exposes those secrets on GitHub. The malware, which briefly affected various code packages from the security firm CrowdStrike, captures and disseminates even more credentials each time an infected package is installed.

This novel strain of malware has been termed Shai-Hulud — named after the enormous sandworms in Frank Herbert’s Dune series — due to its practice of publishing any purloined credentials in a fresh public GitHub repository labeled “Shai-Hulud.”

“When a developer installs an affected package, the malware scans for an npm token within the environment,” explained Charlie Eriksen, a researcher at the Belgian security company Aikido. “If detected, it will alter the 20 most prevalent packages accessible via the npm token, embedding itself into the package and releasing a new version.”

At the heart of this escalating dilemma are code libraries accessible on NPM (short for “Node Package Manager”), serving as a central nexus for JavaScript development and offering the latest revisions to commonly used JavaScript components.

The Shai-Hulud worm surfaced only days following an extensive phishing operation by unidentified attackers that impersonated NPM and prompted developers to “update” their multi-factor authentication credentials. This malign act resulted in malware infiltrating at least two dozen NPM code packages; however, the outbreak was swiftly controlled and narrowly aimed at draining cryptocurrency payments.

In late August, another breach involving an NPM developer led to malware being injected into “nx,” an open-source code development toolkit that garners as many as six million downloads weekly. During the nx breach, the assailants introduced code that searched the user’s device for authentication tokens from coding platforms like GitHub and NPM, along with SSH and API keys. However, rather than transmitting those stolen credentials to a server controlled by the attackers, the malicious nx code established a new public repository within the victim’s GitHub account, disclosing the stolen data for public access and download.

Unlike last month’s nx compromise, which did not self-replicate like a worm, the Shai-Hulud malware does and incorporates reconnaissance tools to aid in its dissemination. Specifically, it utilizes the open-source tool TruffleHog to look for exposed credentials and access tokens on the developer’s machine. It then endeavors to create new GitHub actions and publish any purloined secrets.

“Once the initial individual was compromised, there was no halting it,” Aikido’s Eriksen told KrebsOnSecurity. He indicated that the first NPM package affected by this worm appears to have been modified on Sept. 14, around 17:58 UTC.

The security-centered code development platform socket.dev reports that the Shai-Hulud attack temporarily compromised at least 25 NPM code packages overseen by CrowdStrike. socket.dev noted that the compromised packages were promptly eliminated by the NPM registry.

In a written statement provided to KrebsOnSecurity, CrowdStrike mentioned that upon discovering several malicious packages in the public NPM registry, the organization rapidly removed them and rotated its keys in public repositories.

“These packages are not utilized in the Falcon sensor, the platform remains unaffected, and customers continue to be safeguarded,” the statement declares, referencing the company’s widely-used endpoint threat detection service. “We are collaborating with NPM and carrying out a thorough investigation.”

A writeup on the attack from StepSecurity identified that for cloud-oriented operations, the malware enumerates AWS, Azure, and Google Cloud Platform secrets. It also determined that the entire attack strategy assumes the victim operates within a Linux or macOS environment, deliberately avoiding Windows systems.

StepSecurity stated that Shai-Hulud propagates by exploiting stolen NPM authentication tokens, appending its code to the top 20 packages associated with the victim’s account.

“This initiates a cascading effect where an infected package leads to compromised maintainer credentials, which consequently infects all other packages managed by that user,” wrote StepSecurity’s Ashish Kurmi.

Eriksen remarked that Shai-Hulud continues to spread, although its rate of proliferation appears to have diminished in recent hours.

“I still observe package versions emerging sporadically, but no new packages have been compromised in the last ~6 hours,” Eriksen noted. “However, that might change now as the east coast begins its workday. I would regard this attack as a ‘living’ entity, almost like a virus. Since it can remain dormant for a time, if just one person unintentionally gets infected, they could reignite the spread. Particularly if a super-spreader attack occurs.”

Nicholas Weaver is a researcher associated with the International Computer Science Institute, a nonprofit in Berkeley, Calif. Weaver referred to the Shai-Hulud worm as “a supply chain assault that executes a supply chain attack.” Weaver emphasized that NPM (and all comparable package repositories) must immediately transition to a publication model that mandates explicit human consent for every publication request using a phish-resistant 2FA method.

“Anything less will result in continued attacks like this and an increase in their frequency, but transitioning to a 2FA method would effectively throttle these attacks before they can propagate,” Weaver asserted. “Permitting purely automated processes to update published packages is now a proven path to disaster.”

“`