Security researchers report a supply-chain poisoning campaign aimed at the Axios npm package, one of the most widely used HTTP clients for Node.js. The attack evades conventional registry and dependency scanning with a "delayed-payload" design: the published package carries only a small install-time stager, and the real payload is fetched later, only on machines that look like developer workstations, so build servers and their logs show nothing unusual.

1. The "Hidden Dependency" Vector

The attackers did not alter the Axios source itself. Instead, they published several typosquatted packages imitating the axios name and compromised a minor sub-dependency that is pulled in only in certain automated testing setups.

● The Injection: The malicious code lived in a post-install script, which npm runs automatically during npm install. The script checked for a .git directory in the working tree, a heuristic for a developer checkout rather than a production server, since production deployments usually ship without repository metadata.

● The Stealth Pivot: If a developer environment was detected, the script fetched a second stage, a Remote Access Trojan (RAT), disguised as a harmless telemetry update. On machines without a .git directory the script did nothing, so a build server that installed the package saw a clean install.

2. The Malware: A Custom "Node-RAT"

Unlike the cryptominers commonly found in poisoned packages, this campaign is aimed at industrial espionage: the payload is built to steal credentials, not compute.

● Credential Harvesting: Once running, the RAT searches for .env files, AWS credentials (for example ~/.aws/credentials) and private keys under ~/.ssh.

● In-Memory Execution and Cleanup: To evade local EDR (Endpoint Detection and Response) tooling, the second stage runs entirely in memory and writes nothing to disk. Once the harvested secrets have been exfiltrated to a C2 (Command and Control) server, the stager removes its own installation artifacts, so the developer's node_modules looks clean on later inspection. Detection therefore has to happen at install time (lifecycle-script logging, lockfile review, egress monitoring) rather than by examining the tree afterwards.

3. The "TeamPCP" Signature?

Attribution is still tentative, but the obfuscation techniques and the emphasis on exfiltrating AWS secrets bear the hallmarks of TeamPCP, the group recently linked to the European Commission "Europa" breach. Their shift from security scanners (Trivy) to development libraries (Axios) suggests a broader campaign to harvest high-privilege, "management-level" API keys from developer workstations.