Google Links North Korean Hackers to Axios Supply Chain Attack

Google has tied a sophisticated malware operation targeting the popular JavaScript library Axios to a North Korean hacking group. The attack briefly poisoned two versions of the widely used tool, potentially exposing thousands of developers and companies to credential theft and remote access threats. This incident highlights the growing risks in the open source ecosystem that powers much of the modern internet.

How Attackers Hijacked the Trusted Library

The breach unfolded quickly on March 31, 2026. Attackers gained control of the npm account belonging to Axios lead maintainer jasonsaayman. They changed the associated email to an attacker-controlled ProtonMail address, locking out the legitimate owner.

Using those credentials, they published malicious versions 1.14.1 and 0.30.4 directly through the npm CLI. This bypassed the project’s normal GitHub review processes. The packages went live around 00:21 UTC and stayed active for roughly three hours until npm took them down.

The clever part was how they hid the malware. They did not alter Axios core code. Instead, they added a hidden dependency called plain-crypto-js version 4.2.1. This package only existed to run a postinstall script that executed automatically when developers ran npm install.

Axios serves as a key HTTP client for making requests between web apps and servers. With over 100 million weekly downloads, it sits in countless projects worldwide. Even a short window of exposure created a massive potential impact.


Inside the Malicious Payload and Backdoor

Once installed, the plain-crypto-js dropper sprang into action. It checked the victim’s operating system and fetched the right payload from a command-and-control server. The malware supported Windows, macOS, and Linux.

On Windows, it used PowerShell tricks and copied legitimate files to blend in. On macOS, it dropped a native binary and ran it quietly in the background. Linux systems received a Python-based backdoor.

After delivering the main payload, the dropper cleaned up after itself. It deleted traces and replaced the modified package.json file with a clean version to avoid easy detection.

The real threat came from WAVESHAPER.V2, an evolved backdoor. This tool beacons back to its controllers every 60 seconds, sending JSON requests that carry a distinctive user-agent string. It can list files, run commands, inject executables, and gather system details like usernames and running processes.

Key capabilities include stealing credentials and maintaining persistent access. Google researchers noted it could lead to broader network compromises if left unchecked.

UNC1069: The North Korean Group Behind the Operation

Google Threat Intelligence attributed the attack to UNC1069, a financially motivated group with ties to North Korea. The actors have operated since at least 2018, focusing heavily on cryptocurrency theft and financial targets.

This group previously used malware called CryptoCore in attacks on banks, insurers, and crypto platforms. In February 2026, reports showed them expanding tactics with deepfakes, fake Zoom calls, and social engineering to trick victims.

Infrastructure links sealed the attribution. The command server used in the Axios attack connected through a VPN node previously tied to UNC1069. Code similarities between WAVESHAPER.V2 and earlier tools used by the group provided further proof.

North Korea has a documented pattern of using cyber operations to generate revenue for the regime. Supply chain attacks let them hit many targets at once without direct confrontation. This Axios operation marks a shift toward broader corporate networks beyond pure crypto plays.

The Growing Risk to Global Software Supply Chains

Open source libraries like Axios form the invisible backbone of modern software. Developers trust them because they are popular and battle-tested. Yet single maintainer accounts often hold the keys to millions of installations.

This attack follows other recent supply chain incidents, showing attackers are refining their methods. They now combine account takeovers with stealthy dependencies that activate only during install.

The potential fallout is serious. Compromised developer machines could leak API keys, cloud credentials, and customer data. Downstream applications built with infected packages might spread the breach further into production environments.

Companies relying on automated builds face the highest risk. A single CI/CD pipeline pulling the wrong version could expose an entire organization.

Security experts warn that the full scope may take weeks to understand. Hundreds of thousands of downloads likely occurred during the active window, though exact numbers remain unclear.

What Developers and Companies Must Do Right Now

Organizations should act fast to check their systems. First, audit package lockfiles for axios versions 1.14.1 or 0.30.4 installed between late March 30 and early March 31 UTC.

If found, treat the environment as compromised. Rebuild from clean sources, rotate all credentials, and scan for suspicious processes.

Here are immediate steps to take:

  • Pin Axios to safe versions like 1.14.0 or 0.30.3 in your projects
  • Clear npm, yarn, and pnpm caches across all machines and build servers
  • Block traffic to known malicious domains and IP addresses
  • Review developer accounts for unusual npm access
  • Enable stricter supply chain protections like version pinning and automated dependency scanning

Longer term, teams should adopt tools that verify package integrity and monitor for unexpected postinstall scripts. Sandboxing development environments can limit damage if something slips through.

Larger organizations might consider internal package mirrors to control what gets installed. Single-maintainer projects need better account security, such as short-lived tokens and multi-factor requirements.

This incident serves as a wake-up call for the entire software community. The trust we place in open source is powerful, but it demands constant vigilance.

The Axios attack reminds us how interconnected our digital world has become. One compromised library can ripple across borders and industries in hours. As state-backed groups refine these tactics, the cost of inaction keeps rising. Staying ahead means treating supply chain security as seriously as endpoint protection.
