North Korea Hacked axios. 100M Downloads a Week.
axios is one of the most installed packages in the JavaScript ecosystem. More than 100 million downloads every week. Last week, two versions of it contained a backdoor planted by a North Korean state-sponsored hacking group.

What Happened
On March 30-31, versions axios 1.14.1 and 0.30.4 appeared on npm with a malicious dependency quietly included: plain-crypto-js@4.2.1.
That dependency was a RAT dropper - RAT meaning Remote Access Trojan, a piece of software that gives attackers control over an infected machine. Two seconds after installation, it attempted to contact a remote server. Two seconds. Just enough time to slip past basic automated checks.
The dropper worked on Windows, Mac, and Linux. It hit both the main branch and a legacy branch. And both were live for 39 minutes before detection.
How the Attack Was Set Up
This wasn’t improvised. The malicious package plain-crypto-js@4.2.1 was staged 18 hours in advance - uploaded to npm and sitting idle, waiting to be referenced. When the moment came, the attackers added it as a dependency, pushed the poisoned axios versions, and waited.
The total exposure window was roughly 3 hours from first publish to full remediation. Within that window, anyone who ran npm install with a version range that picked up 1.14.1 or 0.30.4 would have pulled in the backdoor.
The malicious code included a self-destruct mechanism - it cleaned up after itself to complicate forensics.
Who Did It
Both Microsoft Security (tracking this group as Sapphire Sleet) and Google (tracking it as UNC1069) have attributed this to a North Korean state actor.
The attack vector was a compromised maintainer account - jasonsaayman, the primary maintainer of axios. Attackers didn’t break into npm’s infrastructure. They got the credentials of a trusted human who had publishing rights, and used those to push code that would look legitimate to automated systems.
That’s the sophisticated part. The package wasn’t suspicious at the package level - it came from a legitimate maintainer account with years of trusted history.
Why npm Supply Chain Attacks Are Hard to Stop
This category of attack - called a supply chain attack - is particularly nasty because it exploits trust rather than breaking through defenses.
When axios publishes an update, millions of build pipelines around the world automatically pull it in. That’s the feature that makes npm powerful. It’s also the attack surface.
A compromised maintainer account bypasses virtually every downstream security check. The code arrives signed and trusted. The only real defenses are: detecting the malicious behavior post-installation, monitoring for unexpected dependencies, or catching the attack in the very short window before it propagates.
Elastic Security Labs and SANS both published rapid analysis. The security community’s response was fast. But 3 hours is still 3 hours.
What You Should Do
If you run JavaScript projects, check your lockfiles. If axios 1.14.1 or 0.30.4 appears, treat that as a potential compromise. The safe versions are 1.13.x or 1.14.2+ once the patched release is available.
Rotate credentials for any systems that ran affected builds.
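A lockfile check is easy to script. The scanner below is an added example, not code from the original post or from the axios project; it takes a parsed package-lock.json (lockfileVersion 1 or 2/3, whose layouts are assumed here) and flags the two axios versions and the plain-crypto-js dependency named above, including transitive entries. The sample lockfile is constructed.

```javascript
// Added example: find the axios releases and the malicious dependency from the
// write-up inside an npm lockfile. Assumes lockfileVersion 1 ("dependencies"
// tree) or lockfileVersion 2/3 ("packages" keyed by node_modules path).

// Indicators taken from the write-up.
const BAD_VERSIONS = { axios: new Set(['1.14.1', '0.30.4']) };
const BAD_PACKAGES = new Set(['plain-crypto-js']); // flag at any version

// Walk a lockfileVersion 1 "dependencies" tree, yielding [name, version, where].
function* walkV1(deps, prefix = '') {
  for (const [name, entry] of Object.entries(deps || {})) {
    yield [name, entry.version, prefix + name];
    if (entry.dependencies) yield* walkV1(entry.dependencies, `${prefix}${name} > `);
  }
}

// Walk a lockfileVersion 2/3 "packages" map; keys look like
// "node_modules/a/node_modules/b", so the last path segment is the package name.
function* walkV2(packages) {
  for (const [path, entry] of Object.entries(packages || {})) {
    if (path === '') continue; // root project entry, not a dependency
    yield [path.split('node_modules/').pop(), entry.version, path];
  }
}

// Return one finding per indicator hit; an empty list means nothing matched.
function scanLockfile(lock) {
  const entries = lock.packages ? walkV2(lock.packages) : walkV1(lock.dependencies);
  const findings = [];
  for (const [name, version, where] of entries) {
    if (BAD_PACKAGES.has(name)) {
      findings.push({ name, version, where, reason: 'malicious dependency' });
    } else if (BAD_VERSIONS[name] && BAD_VERSIONS[name].has(version)) {
      findings.push({ name, version, where, reason: 'backdoored release' });
    }
  }
  return findings;
}

// Constructed sample (v3 shape) showing what a hit looks like; replace with
// JSON.parse(fs.readFileSync('package-lock.json', 'utf8')) for a real project.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo', version: '1.0.0' },
    'node_modules/axios': { version: '1.14.1', dependencies: { 'plain-crypto-js': '4.2.1' } },
    'node_modules/axios/node_modules/plain-crypto-js': { version: '4.2.1' },
    'node_modules/lodash': { version: '4.17.21' },
  },
};

for (const h of scanLockfile(SAMPLE_LOCK)) console.log(`${h.reason}: ${h.name}@${h.version} at ${h.where}`);
```

A hit on either indicator means the build that produced that lockfile should be treated as compromised, which is the point at which the credential rotation above applies.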
My Take
This is the most important security story of the week, and it’s not close. 100 million downloads per week means the blast radius of this attack was enormous. The fact that the exposure window was 3 hours doesn’t mean the damage was limited - it means we got lucky relative to what it could have been.
North Korean state actors have been targeting developer toolchains for years. They’re patient, technically sophisticated, and focused on supply chain access because one compromised package can reach millions of targets simultaneously.
The maintainer account compromise is the real lesson here. Security isn’t just about your code - it’s about the humans who have push access to code you depend on.
Sources
- The Hacker News - “Malicious axios npm versions 1.14.1 and 0.30.4 contain North Korean backdoor” (30.03.2026)
- Microsoft Security - “Sapphire Sleet attributed to axios npm supply chain compromise” (01.04.2026)
- Bloomberg - “North Korean hackers poisoned one of npm’s most downloaded packages” (31.03.2026)
- Elastic Security Labs - “Technical analysis: axios RAT dropper and plain-crypto-js” (01.04.2026)
- SANS Internet Storm Center - “axios npm backdoor: timeline and indicators of compromise” (01.04.2026)
- Malwarebytes - “What the axios npm hack means for JavaScript developers” (31.03.2026)