Hardly a week goes by that there isn’t a story to cover about malware getting published to a repository. Last week it was millions of downloads on NPM, but this week it’s something much more concerning. Malware published on NPM is now looking for NPM tokens, and propagating to other NPM packages when found. Yes, it’s a worm, jumping from one NPM package to another, via installs on developer machines.
It does other things too, like grabbing all the secrets it can find when installed on a machine. If the compromised machine has access to a Github account, a new repo is created named Shai-Hulud
, borrowed from the name of the sandworms from Dune. The collected secrets and machine info gets uploaded here, and a workflow also uploads any available GitHub secrets to the webhook.site
domain.
How many packages are we talking about? At least 187, with some reports of over 500 packages compromised. The immediate attack has been contained, as NPM has worked to remove the compromised packages, and apparently has added filtering code that blocks the upload of compromised packages.
So far there hasn’t been an official statement on the worm from NPM or its parent companies, GitHub or Microsoft. Malicious packages uploaded to NPM is definitely nothing new. But this is the first time we’ve seen a worm that specializes in NPM packages. It’s not a good step for the trustworthiness of NPM or the direct package distribution model.