Axios hit by RAT campaign
North Korean-linked actors hijacked an Axios maintainer account and published poisoned releases of the library to the npm registry, delivering remote-access-trojan (RAT) malware through the same update channel developers already trust, a classic supply-chain tactic that broadens impact far beyond a single victim. (The incident shows nation-state actors are still abusing trusted update mechanisms to seed persistent access across popular software ecosystems.) (x.com) (x.com)
A package used by millions of JavaScript projects turned into a malware delivery system on March 31, 2026, when attackers pushed two poisoned Axios releases to the npm registry. Microsoft said the malicious versions were `1.14.1` and `0.30.4`, and linked the infrastructure behind them to Sapphire Sleet, a North Korean state actor. (microsoft.com)

Axios is not a consumer app most people install by hand. It is an HTTP client library that developers add to web apps and back-end services so those programs can send and receive data over the network without writing the low-level plumbing themselves. (bleepingcomputer.com) That is why this kind of break-in is so dangerous: tamper with a popular library instead of a single company and you reach every developer and every build system that trusts that library's update channel. (microsoft.com)

The trick in this case was simple and effective. The attackers did not rewrite Axios itself; they added a fake dependency, `plain-crypto-js@4.2.1`, which ran automatically during installation through a post-install script. (microsoft.com, bleepingcomputer.com) That post-install step is what turns a routine update into code execution. A developer or an automated build server believes it is fetching a normal package update, while the package quietly contacts an attacker-controlled command-and-control server and pulls down a second-stage payload. (microsoft.com)

Microsoft said the second stage was a remote access trojan, malware designed to give an intruder ongoing control of a machine after the initial infection. In plain terms, it is the digital equivalent of hiding a spare key inside the wall after getting through the front door once. (microsoft.com) The payload was cross-platform, which widened the blast radius.
Microsoft and BleepingComputer both reported that Windows, macOS, and Linux systems could each receive operating-system-specific malware once the infected Axios package reached the command server. (microsoft.com, bleepingcomputer.com) On Windows, researchers said the malware used Visual Basic Script and PowerShell, copied the PowerShell binary to `%PROGRAMDATA%\wt.exe`, and set itself up to survive reboots. On macOS, it downloaded a binary to `/Library/Caches/com.apple.act.mond`, marked it executable, and launched it in the background. (bleepingcomputer.com) On Linux, the dropper fetched a Python payload to `/tmp/ld.py` and ran it with `nohup`, which keeps a process alive after the launching shell exits. Across all three operating systems the goal was the same: keep a foothold on the system and let the attacker run commands later. (bleepingcomputer.com)

The compromise appears to have started with account theft rather than a flaw in the package manager itself. BleepingComputer reported that the attackers gained access to the npm account of Axios maintainer Jason Saayman, published the rogue releases, and also took over his GitHub account long enough to change its associated email address. (bleepingcomputer.com) A follow-up report described the social engineering that likely opened the door. According to the Axios maintainers' post-mortem cited by BleepingComputer, the maintainer was lured with a fake Microsoft Teams error fix, a tactic consistent with North Korean intrusion crews that mix impersonation with malware delivery. (bleepingcomputer.com)

That fits a broader pattern Microsoft has been tracking. In a March 11, 2026 report on the "Contagious Interview" campaign, Microsoft said North Korean operators had been targeting software developers since at least December 2022 by posing as recruiters, sending coding tasks, and tricking victims into running malicious packages or commands. (microsoft.com) The Axios incident shows the same playbook scaled up: instead of compromising one developer's laptop and stopping there, the attackers used access to a trusted software distribution channel to plant malware where automated systems were already trained to trust updates. (microsoft.com)

The exposure window was short, but not trivial. BleepingComputer reported that the two malicious releases were available for nearly three hours, and because Axios sees enormous usage, even a brief window could have touched a large number of downstream projects. (bleepingcomputer.com) Microsoft described Axios as having more than 70 million weekly downloads, while BleepingComputer cited roughly 100 million weekly downloads and about 400 million monthly downloads. The exact figure varies by measurement source and time period, but every estimate points to the same fact: Axios is common enough that any compromise is immediately ecosystem-wide. (microsoft.com, bleepingcomputer.com)

For affected users, Microsoft's advice was blunt. Anyone who installed Axios `1.14.1` or `0.30.4` should rotate secrets and credentials immediately, downgrade to the safe versions `1.14.0` or `0.30.3`, and review systems for follow-on persistence, because the malicious payload included logic that would keep trying to update itself. (microsoft.com)

The lesson is not that open-source software is uniquely unsafe. It is that modern software is assembled from thousands of trusted pieces, and a single stolen maintainer account can turn one tiny package update into a supply-chain event that reaches browsers, servers, developer laptops, and build pipelines at the same time. (microsoft.com, axios.com)