Axios npm Package Hijacked to Deploy Cross-Platform RAT
Attackers compromised the popular Axios npm package to distribute a cross-platform Remote Access Trojan, demonstrating how a single dependency can expose entire development and production environments.
A Trusted Package Turned Into an Attack Vector
A supply chain attack targeting the widely used npm package Axios has highlighted the growing risks within modern dependency ecosystems. By compromising a maintainer account, attackers were able to publish malicious versions of the package directly to the npm registry, effectively weaponizing a trusted component used by millions of developers and applications.
The malicious versions, [email protected] and [email protected], appeared legitimate and were distributed through normal installation workflows. This allowed attackers to reach both developer workstations and automated CI/CD environments without raising immediate suspicion.
How the Attack Worked
Instead of modifying Axios itself, the attackers introduced a malicious dependency: [email protected]. This dependency contained a postinstall script, which is automatically executed when npm installs the package.
The use of postinstall scripts is a known attack technique in the JavaScript ecosystem. Because these scripts run silently during installation, they provide an effective mechanism for executing arbitrary code without requiring user interaction. In this case, the script downloaded and executed a Remote Access Trojan (RAT), while the main Axios package continued to function normally.
Technical Breakdown of the RAT
The deployed malware was designed to operate across multiple operating systems, adapting its execution method based on the host environment. This indicates a pre-planned and structured attack rather than an opportunistic compromise.
- macOS: Used AppleScript to download and execute a secondary payload from a remote server
- Windows: Leveraged PowerShell to deploy a payload disguised as a legitimate binary
- Linux: Executed a Python-based backdoor for persistence and remote control
Once installed, the RAT established communication with a command-and-control (C2) server. From there, it could receive instructions, execute commands, download additional payloads, and exfiltrate data. Notably, the malware included cleanup routines to remove traces of execution, making forensic analysis more difficult.
Indicators of Compromise (IOCs)
Systems that installed the affected versions should be investigated for signs of compromise. Known indicators include:
- Unexpected execution of postinstall scripts during npm install
- Outbound connections to unknown or suspicious domains
- Presence of unusual files in system directories or cache locations
- macOS: suspicious files under /Library/Caches/
- Windows: unknown executables in %PROGRAMDATA%
- Linux: unexpected Python scripts or cron jobs
Why This Matters
Axios is one of the most widely used libraries in the JavaScript ecosystem, meaning the potential blast radius of this attack is significant. Because it is often embedded in both frontend applications and backend services, the compromise could affect everything from local development machines to production APIs.
More importantly, the attack demonstrates how easily trust can be abused within dependency chains. Even when a package itself appears clean, nested dependencies can introduce hidden risk. This makes traditional code review insufficient as a standalone security measure.
Mitigation and Recovery
If your environment used the affected versions, immediate action is required. Start by downgrading Axios to a known safe version:
npm install [email protected]
# or
npm install [email protected]
After downgrading, remove installed dependencies and reinstall cleanly:
rm -rf node_modules package-lock.json
npm install
Additionally, rotate all credentials that may have been exposed, including API keys, tokens, and environment variables. Systems that executed the malicious package should be treated as compromised and rebuilt if necessary.
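The postinstall mechanism described under "How the Attack Worked" and the clean reinstall above both leave one question open: which installed dependencies actually declare lifecycle scripts, and is a flagged version still present? The following is an added example (not code from the article, BaseFortify or the Axios project) that audits a lockfileVersion 2/3 package-lock.json for both; the block list, the sample lockfile and the `some-dep` package name are constructed placeholders, with 1.14.1 taken from the CPE string later in the article.

```javascript
// Added example: audit an npm lockfile (v2/v3 "packages" map) for flagged
// versions and for dependencies that declare install-time lifecycle scripts.
const LIFECYCLE_SCRIPTS = ["preinstall", "install", "postinstall"];

// Constructed block list: populate from the advisory you are acting on.
// 1.14.1 is the version named in the article's CPE example.
const FLAGGED = { axios: new Set(["1.14.1"]) };

// Derive a package name from a lockfile key such as
// "node_modules/@scope/name/node_modules/dep" -> "dep".
function nameFromLockPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? lockPath : lockPath.slice(idx + marker.length);
}

// Returns findings { path, name, version, reason } for a parsed lockfile.
// Reasons: "flagged-version" (on the block list) or "lifecycle-script"
// (npm records hasInstallScript for packages with pre/post/install hooks).
function auditLockfile(lock, flagged = FLAGGED) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // the root project entry, not a dependency
    const name = entry.name || nameFromLockPath(path);
    const version = entry.version || "";
    if (flagged[name] && flagged[name].has(version)) {
      findings.push({ path, name, version, reason: "flagged-version" });
    }
    if (entry.hasInstallScript === true) {
      findings.push({ path, name, version, reason: "lifecycle-script" });
    }
  }
  return findings;
}

// Same question asked of an installed manifest (node_modules/<pkg>/package.json):
// which lifecycle hooks would npm run for it?
function manifestLifecycleScripts(manifest) {
  const scripts = (manifest && manifest.scripts) || {};
  return LIFECYCLE_SCRIPTS.filter((k) => typeof scripts[k] === "string");
}

// Constructed sample lockfile fragment for a stand-alone run.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/axios": { version: "1.14.1" },
    "node_modules/some-dep": { version: "2.0.0", hasInstallScript: true },
    "node_modules/lodash": { version: "4.17.21" },
  },
};
console.log(auditLockfile(SAMPLE_LOCK));
```

Run it against a real lockfile with `JSON.parse(fs.readFileSync("package-lock.json"))`; for the reinstall step itself, `npm ci --ignore-scripts` prevents any lifecycle script from executing at all, at the cost of breaking packages that genuinely need a build step.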
How BaseFortify Can Help
BaseFortify.eu helps you understand where risks exist across your environment by mapping components and dependencies in a structured way.
Even without official identifiers, you can represent affected packages using synthetic identifiers such as:
cpe:2.3:a:axios:axios:1.14.1:*:*:*:*:nodejs:*:*
This allows you to quickly identify where vulnerable or compromised components are used, correlate them with risks, and prioritize remediation. Registration is open to everyone, and a Free subscription is available.
Final Thoughts
The Axios incident reinforces a growing trend: attackers are shifting from targeting systems directly to targeting the software supply chain. By compromising a single trusted package, they can scale their impact across thousands of environments. Visibility into dependencies and their behavior is no longer optional — it is essential.