The Shai-hulud self-replicating worm’s dangerous new variant is burrowing into new territories in its latest attack, flaunting features that threaten not only the npm code repository, but also GitHub and the cloud ecosystem — and to boot, it features new wiper functionality.
Researchers from Trend Micro have revealed advanced capabilities of Shai-hulud 2.0, a variant of the worm that emerged in November, a mere two months after it first spread across open source npm packages with a wormable attack that can compromise the software supply chain.
The findings also come a week after researchers at Wiz revealed a variant “that executes malicious code during the preinstall phase, significantly increasing potential exposure in build and runtime environments.”
Shai-hulud, which presumably takes its name from the dreaded sandworm of the Dune novel and film series, is now stealing cloud credentials and using them to “access cloud-native secret management services,” while also exhibiting previously unveiled destructive code that wipes user data if the worm is unsuccessful in harvesting it, according to a recent blog post by Trend Micro researcher Jeffrey Francis Bonaobra.
“It can steal credentials from [Amazon Web Services], [Google Cloud Platform], and Azure cloud providers, which can contain API keys, tokens, and passwords, along with npm tokens and GitHub authentication credentials,” he wrote in the post.
Cloud Credentials at Risk From Worm
Beyond stealing static credentials, the malware uses those stolen cloud credentials to query cloud-native secret management services: retrieving secrets from AWS through the AWS Secrets Manager API, extracting Google Cloud secrets through the GCP Secret Manager API, and collecting Azure secrets via Azure Key Vault.
The malware also targets credentials from Azure Pod Identity, a legacy system that remains widely used for providing Azure identities to Kubernetes pods, Bonaobra said.
If that’s not enough, the new variant “also automatically backdoors every npm package maintained by the victim, republishing them with malicious payloads that run during package installation,” he wrote.
This capability builds on the worm's initial attack vector, first detailed by researchers at ReversingLabs: stealing the credentials of npm developer accounts, then using them to poison the packages those accounts maintain and republish malicious versions of those components.
