Massive Software Supply Chain Attack: North Korean Hackers Backdoor Widely Used Axios JavaScript Library

Breaking: Axios Package Compromised in Sophisticated Supply Chain Attack

March 31, 2026 — A widespread software supply chain attack has compromised the popular Axios library for JavaScript, affecting millions of applications worldwide. According to Google Threat Intelligence Group (GTIG), the attack occurred between 00:21 and 03:20 UTC, with malicious code inserted into Axios versions 1.14.1 and 0.30.4.


The malicious dependency, "plain-crypto-js" version 4.2.1, acts as an obfuscated dropper that deploys the WAVESHAPER.V2 backdoor across Windows, macOS, and Linux systems. Axios, the most popular JavaScript HTTP client, is downloaded over 100 million times weekly for its latest version, with the 0.30.4 branch attracting 83 million downloads per week.

"This attack is highly significant due to Axios's ubiquitous presence in the JavaScript ecosystem," said Austin Larsen, a senior security analyst at GTIG. "Any application that installed the compromised package could be fully backdoored, giving attackers persistent access to sensitive data and infrastructure."

Attack Attribution and Timeline

GTIG attributes the attack to UNC1069, a financially motivated North Korea-nexus threat actor active since at least 2018. The group used WAVESHAPER.V2, an updated version of the WAVESHAPER backdoor it deployed in earlier campaigns. "The overlap in infrastructure artifacts between this campaign and past UNC1069 activities is clear," noted Dima Lenz, a threat intelligence lead at GTIG. "The use of WAVESHAPER.V2 confirms their involvement."

The threat actor compromised the Axios maintainer account, changing its associated email address to ifstap@proton.me. They then added the malicious plain-crypto-js package as a dependency in the Axios package.json file. Upon installation, the package's postinstall hook executed an obfuscated JavaScript dropper named setup.js silently in the background.

Malware Analysis

The plain-crypto-js package is a delivery mechanism. Its core component, codenamed SILKBELL (setup.js, SHA256: e10b1fa84f1d6481625f741b69892780140d4e0e7769e7491e5f4d894c2e0e09), dynamically checks the target operating system to deliver platform-specific payloads. It uses a custom XOR and Base64 obfuscation routine to conceal the command-and-control (C2) URL and execution commands.

"The dropper is designed to evade static analysis by dynamically loading modules such as fs, os, and execSync," explained Adrian Hernandez, a malware analyst at GTIG. "After dropping the secondary payload, it attempts to self-delete and revert modifications to package.json to hide traces."

Platform-Specific Execution

Depending on the OS, the dropper executes tailored routines. On Windows, it writes and executes an executable or PowerShell script. On macOS, a Bash script or Mach-O binary is used, while Linux targets receive an ELF binary or shell script. The final payload WAVESHAPER.V2 establishes persistence and connects to the C2 server.

Background

Axios is a promise-based HTTP client for JavaScript, widely used in Node.js and browser environments. It is a dependency of countless open-source projects and enterprise applications. This attack is part of a growing trend of supply chain attacks targeting the Node Package Manager (NPM) registry. UNC1069 has previously targeted cryptocurrency firms and blockchain platforms using similar techniques, often for financial gain.

The compromise of a high-profile package like Axios underscores the risks inherent in the open-source ecosystem, where a single maintainer account breach can cascade into a global security incident. GTIG urges all organizations to audit their use of Axios and apply immediate mitigations.

What This Means

Organizations using Axios versions 1.14.1 or 0.30.4 must assume they are compromised. The backdoor provides attackers with full remote access, allowing data exfiltration, lateral movement, and deployment of ransomware or additional malware. Security teams should isolate affected systems, rotate credentials, and conduct forensic analysis.

"Developers must verify package integrity using tools like npm audit and ensure two-factor authentication is enabled on maintainer accounts," advised Tyler McLellan, a security researcher at GTIG. "The window of compromise is short, but the impact can be long-lasting."

GTIG has released indicators of compromise and detection rules. All users should upgrade to Axios version 1.14.2 or later, which removes the malicious dependency.
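The two checks a defender wants after reading the attack chain above (a malicious dependency injected into Axios's package.json, installed through a postinstall hook) and the mitigation advice (audit and upgrade) can be scripted against the files npm already leaves in a project. The following Node.js script is an added example, not code from GTIG or the Axios project. It audits a lockfileVersion 2/3 package-lock.json for the compromised Axios versions, for the plain-crypto-js dependency, and for any package that declares install scripts (npm records this in the lockfile's `hasInstallScript` field), and it audits a package.json for the same dependency and for a postinstall hook. The sample lockfile and package.json embedded below are constructed for the demonstration; the helper names are this example's own.

```javascript
// Added example: audit npm metadata for the indicators named in the article.
// Versions and package names below come from the article; the sample data is constructed.
const COMPROMISED_AXIOS_VERSIONS = new Set(['1.14.1', '0.30.4']);
const MALICIOUS_DEPENDENCY = 'plain-crypto-js'; // article: version 4.2.1 carried the dropper

// Last path component after the final "node_modules/" is the package name
// (works for nested installs and for @scope/name packages).
function packageNameFromLockPath(lockPath) {
  return lockPath.split('node_modules/').pop();
}

// Walk the "packages" map of a lockfileVersion 2/3 package-lock.json object.
// Returns one finding per indicator hit; an empty array means nothing matched.
function auditLockfile(lock) {
  const findings = [];
  for (const [lockPath, meta] of Object.entries(lock.packages || {})) {
    if (lockPath === '') continue; // the root project entry, not a dependency
    const name = packageNameFromLockPath(lockPath);
    const version = meta.version;
    if (name === 'axios' && COMPROMISED_AXIOS_VERSIONS.has(version)) {
      findings.push({ path: lockPath, kind: 'compromised-axios', version });
    }
    if (name === MALICIOUS_DEPENDENCY) {
      findings.push({ path: lockPath, kind: 'malicious-dependency', version });
    }
    // npm sets hasInstallScript when a package has preinstall/install/postinstall scripts.
    // Not malicious by itself, but it is the execution primitive the dropper relied on.
    if (meta.hasInstallScript === true) {
      findings.push({ path: lockPath, kind: 'install-script', version });
    }
  }
  return findings;
}

// Check a package.json object: does any dependency map pull in the malicious
// package, and does the project itself declare a postinstall hook?
function auditPackageJson(pkg) {
  const findings = [];
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    const deps = pkg[field] || {};
    if (MALICIOUS_DEPENDENCY in deps) {
      findings.push({ field, kind: 'malicious-dependency', spec: deps[MALICIOUS_DEPENDENCY] });
    }
  }
  if (pkg.scripts && typeof pkg.scripts.postinstall === 'string') {
    findings.push({ field: 'scripts', kind: 'postinstall-hook', spec: pkg.scripts.postinstall });
  }
  return findings;
}

// Constructed sample: a project that pulled the backdoored Axios release.
const SAMPLE_LOCK_COMPROMISED = {
  name: 'example-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-app', dependencies: { axios: '^1.14.1' } },
    'node_modules/axios': { version: '1.14.1', dependencies: { 'plain-crypto-js': '4.2.1' } },
    'node_modules/plain-crypto-js': { version: '4.2.1', hasInstallScript: true },
    'node_modules/harmless-lib': { version: '2.0.0' },
  },
};

// Constructed sample: the same project after upgrading to the fixed release.
const SAMPLE_LOCK_CLEAN = {
  name: 'example-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-app', dependencies: { axios: '^1.14.2' } },
    'node_modules/axios': { version: '1.14.2' },
    'node_modules/harmless-lib': { version: '2.0.0' },
  },
};

// Constructed sample: a package.json as the attacker would have left Axios's own.
const SAMPLE_PACKAGE_JSON = {
  name: 'axios',
  version: '1.14.1',
  dependencies: { 'plain-crypto-js': '4.2.1' },
  scripts: { postinstall: 'node setup.js' }, // hypothetical command; article names setup.js as the dropper
};

// Stand-alone run: audit the embedded samples, or a real package-lock.json given as argv[2].
if (typeof require === 'function' && require.main === module) {
  const lock = process.argv[2]
    ? JSON.parse(require('node:fs').readFileSync(process.argv[2], 'utf8'))
    : SAMPLE_LOCK_COMPROMISED;
  const findings = auditLockfile(lock);
  console.log(findings.length ? findings : 'no indicators found');
  console.log(auditPackageJson(SAMPLE_PACKAGE_JSON));
}
```

Run it with `node audit-lock.js path/to/package-lock.json` against a real project; an empty result means none of the article's indicators are present in the lockfile, not that the tree is clean in general. The `install-script` finding is deliberately noisy: many legitimate native-addon packages declare install scripts, so treat it as a review list rather than a verdict, and remember that the audit only sees what the lockfile records, so it must be rerun after any `npm install`.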
