axios Compromised on npm - Malicious Versions Drop Remote Access Trojan

Khushal
Thread author
On March 31, 2026, StepSecurity identified two malicious versions of the widely used axios HTTP client library published to npm: axios@1.14.1 and axios@0.30.4. Both versions were published using the compromised npm credentials of a lead axios maintainer, bypassing the project's normal GitHub Actions CI/CD pipeline. The attacker changed the maintainer's account email to an anonymous ProtonMail address and manually published the poisoned packages via the npm CLI. These compromises were detected by StepSecurity AI Package Analyst [1][2].

The malicious versions inject a new dependency, plain-crypto-js@4.2.1, which is never imported anywhere in the axios source code. Its sole purpose is to execute a postinstall script that acts as a cross-platform remote access trojan (RAT) dropper, targeting macOS, Windows, and Linux. The dropper contacts a live command-and-control server and delivers platform-specific second-stage payloads. After execution, the malware deletes itself and replaces its own package.json with a clean version to evade forensic detection.

Neither malicious version contains a single line of malicious code inside axios itself. Instead, both inject a fake dependency, plain-crypto-js@4.2.1, a package that is never imported anywhere in the axios source, whose only purpose is to run a postinstall script that deploys a cross-platform remote access trojan (RAT). The dropper contacts a live command-and-control server, delivers separate second-stage payloads for macOS, Windows, and Linux, then erases itself and replaces its own package.json with a clean decoy, leaving a developer who inspects their node_modules folder after the fact with no indication anything went wrong.

This was not opportunistic. The malicious dependency was staged 18 hours in advance. Three separate payloads were pre-built for three operating systems. Both release branches were hit within 39 minutes. Every trace was designed to self-destruct. This is among the most operationally sophisticated supply chain attacks ever documented against a top-10 npm package.

If you have installed axios@1.14.1 or axios@0.30.4, assume your system is compromised.

We performed full static and runtime analysis of the malicious packages, including complete decoding of the obfuscated dropper.
Important clarification

I cannot verify that incident independently from the quote alone, so I would not treat it as confirmed only on that basis.

That said, if a reputable source has documented malicious npm releases for axios@1.14.1 and axios@0.30.4, then the safe response is to treat any machine that installed those exact versions as potentially compromised until proven otherwise.

Practical response if those versions were installed

  • Identify every system, CI runner, container image, and developer workstation that installed those versions.
  • Block further installs of the affected versions in your package management and CI pipelines.
  • Remove the affected versions from lockfiles and pin to a known-good axios release after checking the official project or npm advisory information.
  • Invalidate secrets that may have been exposed on those systems, especially:
    • npm tokens
    • GitHub/GitLab CI secrets
    • Cloud credentials
    • SSH keys
    • API keys
  • Review outbound network activity from affected hosts for suspicious connections.
  • Run reputable endpoint scans and collect forensic evidence before making major changes if this is an enterprise environment.
  • Rebuild affected CI runners or development environments from a clean baseline if compromise is credible.

Why this matters

A malicious postinstall dependency is especially dangerous because it can execute during package installation even when the main library source looks clean. In practice, that means:

  • Source review of axios alone would not be enough
  • Lockfiles and transitive dependencies need to be checked
  • Developer machines and build systems are both in scope

What to verify next

Before repeating the claim broadly, I would verify it against multiple reliable sources such as:

  • The official axios repository or maintainer statement
  • The npm package page and version history
  • GitHub security advisories
  • Independent reporting from trusted security researchers

Bottom line

If those exact versions were installed, a cautious incident-response approach is justified. If they were not installed, there is no reason to assume compromise from axios in general.
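As an added example that is not part of either post above and is not code from StepSecurity or the axios project: a Node.js script that applies the two checks both posts call for. It matches a project's npm lockfile against the indicators named in the first post (axios@1.14.1, axios@0.30.4 and plain-crypto-js@4.2.1) and lists every package npm recorded as carrying install-time scripts, which is the vector the second post's "Why this matters" section describes. The function names and the sample lockfile are constructed for this example.

```javascript
'use strict';
// Added example, not code from StepSecurity, the axios project or the posts
// above. Scans an npm lockfile for the indicators the posts name and, for
// lockfile v2/v3, lists packages npm marked as having install-time scripts.
// Function names and SAMPLE_LOCK are constructed for this example.

// Versions the quoted StepSecurity write-up identifies as malicious.
const BAD_VERSIONS = {
  axios: new Set(['1.14.1', '0.30.4']),
  'plain-crypto-js': new Set(['4.2.1']),
};

// The write-up says axios never imports plain-crypto-js, so any version of
// it in the tree is worth flagging, not only 4.2.1.
const ALWAYS_FLAG = new Set(['plain-crypto-js']);

// Yield { name, version, path, meta } for every dependency in the lockfile.
// lockfileVersion 2 and 3 keep a flat "packages" map keyed by install path;
// lockfileVersion 1 keeps a nested "dependencies" tree.
function* lockfileEntries(lock) {
  if (lock.packages) {
    const marker = 'node_modules/';
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === '') continue; // root project entry, not a dependency
      // Aliased entries carry an explicit name; otherwise derive it from the
      // path (handles scoped names like node_modules/@scope/pkg).
      const name = meta.name || path.slice(path.lastIndexOf(marker) + marker.length);
      yield { name, version: meta.version, path, meta };
    }
  } else if (lock.dependencies) {
    yield* walkV1Tree(lock.dependencies, '');
  }
}

function* walkV1Tree(deps, prefix) {
  for (const [name, meta] of Object.entries(deps)) {
    const path = `${prefix}node_modules/${name}`;
    yield { name, version: meta.version, path, meta };
    if (meta.dependencies) yield* walkV1Tree(meta.dependencies, `${path}/`);
  }
}

// Known-bad name/version pairs anywhere in the tree, transitive included.
function findIndicators(lock) {
  const hits = [];
  for (const { name, version, path } of lockfileEntries(lock)) {
    const bad = BAD_VERSIONS[name];
    if (ALWAYS_FLAG.has(name) || (bad && bad.has(version))) {
      hits.push({ name, version, path });
    }
  }
  return hits;
}

// Packages npm recorded as having preinstall/install/postinstall scripts
// (the "hasInstallScript" flag, lockfile v2/v3 only). npm writes this at
// install time, so it does not depend on what a package later leaves behind
// in node_modules.
function packagesWithInstallScripts(lock) {
  const out = [];
  for (const { name, version, path, meta } of lockfileEntries(lock)) {
    if (meta.hasInstallScript) out.push({ name, version, path });
  }
  return out;
}

// One line per finding, suitable for a CI log.
function report(lock) {
  const lines = [];
  for (const h of findIndicators(lock)) lines.push(`IOC     ${h.name}@${h.version}  (${h.path})`);
  for (const p of packagesWithInstallScripts(lock)) lines.push(`SCRIPT  ${p.name}@${p.version} runs install-time scripts  (${p.path})`);
  return lines;
}

// Constructed sample in lockfileVersion 3 shape reproducing the dependency
// the posts describe; not a real lockfile from an affected project.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', dependencies: { axios: '^1.14.0' } },
    'node_modules/axios': {
      version: '1.14.1',
      dependencies: { 'plain-crypto-js': '4.2.1', 'follow-redirects': '^1.15.6' },
    },
    'node_modules/plain-crypto-js': { version: '4.2.1', hasInstallScript: true },
    'node_modules/follow-redirects': { version: '1.15.6' },
  },
};

// Usage: node scan-lockfile.js path/to/package-lock.json
// (npm-shrinkwrap.json has the same format). Without an argument it scans
// the constructed sample above.
if (typeof require !== 'undefined' && require.main === module) {
  const lock = process.argv[2]
    ? JSON.parse(require('fs').readFileSync(process.argv[2], 'utf8'))
    : SAMPLE_LOCK;
  const lines = report(lock);
  console.log(lines.length ? lines.join('\n') : 'no indicators found');
  process.exitCode = findIndicators(lock).length ? 1 : 0;
}
```

Run it against each checked-out project and CI workspace; it exits non-zero when an indicator matches. It reads npm's package-lock.json and npm-shrinkwrap.json only, not yarn.lock or pnpm-lock.yaml. Two caveats for a responder: the `hasInstallScript` flag exists only in lockfileVersion 2 and 3, so a v1 lockfile answers only the version question; and a clean-looking node_modules after the fact proves little, since the first post says the dropper removes itself and swaps in a clean package.json, which is why the lockfile rather than the installed tree is the record to check. Going forward, `ignore-scripts=true` in .npmrc (or `npm ci --ignore-scripts`) stops lifecycle scripts from running at install time at all, at the cost of packages that genuinely need a build step.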


A popular JavaScript library called Axios, hosted on GitHub, appears to have been tampered with by an unknown party to distribute malware. Axios is widely used by developers who need their JavaScript applications to communicate with websites or web services — it simplifies a process that would otherwise require significant custom coding. Because of its massive install base, the compromise has potentially serious implications.


The exact method of the breach and the full capabilities of the malicious code are still being investigated, but security researchers worldwide are actively analyzing it. Details are emerging rapidly across social media and private channels. The scale of impact is still unclear — it could affect anywhere from a few hundred to potentially millions of users and organizations, depending on how many updated or installed Axios during the window when it was compromised.


That said, there are reasons to believe the worst-case scenario is unlikely. The compromise appears to have been detected relatively quickly — possibly within minutes to hours of the malicious code being introduced — and the odds that every Axios user happened to update during that brief window are essentially zero.


Even so, the incident is a significant one. The cleanup and fallout will be a major undertaking for the security community, and given Axios's reach, this supply chain attack may well become a landmark case study in software security for years to come.