Popular NPM Package ‘ctrl/tinycolor’ with 2M Weekly Downloads and 40+ Others Compromised in Supply Chain Attack

The NPM ecosystem is under attack once again, with a sophisticated supply chain compromise targeting the widely-used @ctrl/tinycolor package and over 40 other JavaScript packages.

This latest incident represents a significant escalation in supply chain threats, featuring self-propagating malware that automatically spreads across the ecosystem.

Diagram showing how phishing emails with malicious URLs or HTML attachments lead to a JavaScript-based malware infection on a user’s device 

The malicious compromise was first discovered by security researcher @franky47, who promptly reported the issue through a GitHub alert.

The attack targeted @ctrl/tinycolor versions 4.1.1 and 4.1.2, packages that collectively receive over 2 million weekly downloads from developers worldwide.

What makes this incident particularly dangerous is the malware’s ability to automatically propagate to other packages maintained by the same authors or accessible through compromised credentials.

Socket.dev provided comprehensive technical analysis of the attack, revealing a multi-stage infection chain that demonstrates concerning sophistication.

The compromised packages have since been removed from the NPM registry, but the damage extends far beyond the initial target.

Self-Propagating Malware

The attack employs a sophisticated multi-stage approach that sets it apart from typical supply chain compromises.

By introducing a short waiting period before allowing new dependencies, teams can reduce their exposure to fresh attacks while still keeping their dependencies up to date.

The malware utilizes a function called NpmModule.updatePackage to automatically spread to additional packages without manual intervention. This self-propagating capability transforms a single package compromise into a cascading ecosystem-wide threat.

Diagram showing the spread of malware through compromised websites and phishing attacks affecting users and servers 

The malicious code downloads and repurposes TruffleHog, a legitimate secrets scanning tool, for credential harvesting.

The malware systematically targets NPM authentication tokens, GitHub personal access tokens, AWS access keys, Google Cloud Platform credentials, and Azure authentication details.

Additionally, it attempts to access cloud metadata endpoints to extract further sensitive information.

To maintain persistence, the attack creates a malicious GitHub Actions workflow file at .github/workflows/shai-hulud-workflow.yml. This workflow can be triggered remotely to re-infect repositories or extract additional data long after the initial compromise.

Comprehensive Package Impact

The attack affected numerous high-profile packages across multiple maintainers. Beyond @ctrl/tinycolor, compromised packages include angulartics2 (version 14.1.2), multiple @ctrl namespace packages, @nativescript-community packages, and various React and Angular libraries. The breadth of affected packages demonstrates the attack’s systematic approach to ecosystem compromise.

Each compromised package contained the malicious bundle.js file with SHA-256 hash 46faab8ab153fae6e80e7cca38eab363075bb524edd79e42269217a083628f09. All harvested credentials and sensitive data were exfiltrated to webhook.site/bb8ca5f6-4175-45d2-b042-fc9ebb8170b7.

Organizations using any affected packages must take immediate action. First, identify and remove or downgrade all compromised packages from development environments and production systems.

Check for the presence of malicious workflow files and audit recent NPM publishing activities for unauthorized modifications.

Supply chain vulnerabilities and attack vectors in software development process visualized in a detailed infographic by Atlantic Council 

All credentials potentially exposed to compromised environments require immediate rotation. This includes NPM tokens, GitHub personal access tokens, AWS IAM credentials, Google Cloud service account keys, and Azure service principals.

Given the comprehensive nature of the credential harvesting, assume any secrets accessible to affected systems have been compromised.

Enterprise security solutions like StepSecurity provide multiple layers of protection against such attacks.

Their NPM Package Cooldown Check automatically blocks packages released within a configured waiting period, typically preventing adoption of freshly compromised packages before detection occurs.

StepSecurity’s Harden-Runner adds runtime monitoring to GitHub Actions workflows, providing visibility into network calls and process executions during CI/CD runs.

Their Artifact Monitor continuously tracks package releases to detect unauthorized publications outside approved pipelines.

The incident highlights critical gaps in current npm security models and the need for enhanced supply chain protection mechanisms.

While the immediate threat has been contained through package removal, the self-propagating nature of this attack represents a concerning evolution in supply chain threats that demands industry-wide attention and improved defensive strategies.

Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.