Axios npm Hack: Fake Microsoft Teams Error Used to Hijack Maintainer Account
Apr 6, 2026
Overview
A sophisticated supply chain attack targeting the widely used Axios npm package has exposed how social engineering and developer trust can be weaponized at scale.
Threat actors successfully hijacked a maintainer’s npm account using a fake Microsoft Teams error prompt, ultimately pushing malicious package versions that deployed a cross-platform Remote Access Trojan (RAT).
With Axios seeing 100M+ weekly downloads, the blast radius of this attack is significant—impacting developers, CI/CD pipelines, and downstream applications globally.
Key Details
| Category | Details |
|---|---|
| Attack Type | Supply Chain Attack / Social Engineering |
| Target | Axios npm package |
| Initial Vector | Fake Microsoft Teams error during social engineering call |
| Impact | Maintainer account hijack, malicious package release |
| Malicious Versions | axios@1.14.1, axios@0.30.4 |
| Payload | Cross-platform Remote Access Trojan (RAT) |
| Malicious Dependency | plain-crypto-js@4.2.1 |
| Exposure Window | ~2–3 hours |
| Affected Systems | macOS, Windows, Linux |
What Happened?
The attack began with a highly targeted social engineering campaign aimed at an Axios maintainer.
Attackers impersonated a legitimate organization and invited the maintainer into a convincing collaboration environment, complete with branded communication channels.
The final step involved a fake Microsoft Teams call, where the victim encountered a fabricated error message claiming their system was outdated.
Once the maintainer attempted to “fix” the issue, malware was executed—granting attackers access to sensitive credentials, including npm publishing tokens.
From Account Takeover to Supply Chain Compromise
With access to the maintainer’s npm account, attackers:
Published two malicious Axios versions:
Published two malicious Axios versions: 1.14.1 and 0.30.4
Targeted both the modern and the legacy release branch to maximize reach
Bypassed normal CI/CD publishing mechanisms
The malicious releases appeared legitimate since they were published using trusted maintainer credentials, making detection difficult.
How the Malware Worked
Instead of modifying Axios source code directly, attackers used a stealthier approach:
1. Dependency Injection
A malicious package named plain-crypto-js@4.2.1 was added as a dependency of the malicious Axios versions, with a name chosen to resemble the legitimate crypto-js library.
2. Post-Install Execution
npm runs a package's lifecycle scripts automatically during installation, so as soon as a project ran npm install and pulled an affected Axios version, the dependency's postinstall script executed with no further user action. That script:
Contacted a command-and-control (C2) server
Downloaded platform-specific payloads
Deployed a Remote Access Trojan (RAT)
3. Self-Erasing Behavior
To evade detection, the malware:
Deleted installation traces
Replaced its own metadata with clean files
This made post-incident forensic analysis significantly harder.
Why This Attack Is Dangerous
This campaign stands out due to its combination of human manipulation and technical stealth:
Trusted Source Abuse: Official package compromised instead of typosquatting
Automated Execution: Malware runs during dependency installation
Wide Reach: Impacts any system pulling affected versions
Stealth Techniques: Self-deleting payload and clean package replacement
Even a short exposure window (~2–3 hours) was enough to potentially compromise thousands of environments.
Attribution
Security researchers have linked the attack to North Korean threat actors, specifically a group known for targeting software supply chains and developer ecosystems.
Impact Assessment
If your environment installed:
axios@1.14.1
axios@0.30.4
You should assume full system compromise.
Potential risks include:
Credential theft
Persistent backdoors
CI/CD pipeline compromise
Lateral movement across infrastructure
Detection & Mitigation
Immediate Actions
Rotate all credentials and API keys that were reachable from affected hosts, including npm tokens and CI/CD secrets
Audit dependency lockfiles (package-lock.json, yarn.lock, pnpm-lock.yaml) for the affected versions, whether axios is a direct or a transitive dependency
Remove plain-crypto-js if present; it arrives as a dependency of the malicious Axios versions, so it will not appear in your own package.json
Rebuild affected systems from trusted sources rather than cleaning them in place, given the self-erasing behaviour described above
Preventive Measures
Pin dependencies to known safe versions
Avoid auto-updating critical packages
Implement dependency monitoring tools
Enforce strong authentication for maintainers
Monitor unusual package behavior during installation
Clearphish Takeaway
This attack reinforces a critical reality:
The human layer is now the weakest link in software supply chains.
Even highly experienced developers can fall victim to well-crafted social engineering, especially when attackers replicate trusted platforms like Microsoft Teams.
For organizations, this means security awareness must extend beyond phishing emails into:
Developer workflows
Collaboration tools
CI/CD environments
Final Thoughts
The Axios npm compromise is not just another supply chain attack—it’s a blueprint for next-generation developer-targeted phishing campaigns.
By blending social engineering with automated malware delivery, attackers are shifting from exploiting code to exploiting people behind the code.
Disclaimer: ClearPhish maintains a strict policy of not participating in the theft, distribution, or handling of stolen data or files. The platform does not engage in exfiltration, downloading, hosting, or reposting any illegally obtained information. Any responsibility or legal inquiries regarding the data should be directed solely at the responsible cybercriminals or attackers, as ClearPhish is not involved in these activities. We encourage parties affected by any breach to seek resolution through legal channels directly with the attackers responsible for such incidents.