Lazarus Group Poisons Axios: Inside the npm Supply Chain Attack
ThreatBook Research Team: Updated on March 31, 2026
Regarding yesterday's Axios npm supply chain poisoning incident, ThreatBook has conducted in-depth sample analysis and attack tracing. Drawing on long-term threat intelligence accumulated through tracking key APT organizations, we attribute this attack campaign to the Lazarus Group, and have pivoted from existing intelligence to identify additional associated infrastructure and attack indicators (IOCs listed in the appendix).
This incident has had significant impact. As one of the most foundational dependencies in the JavaScript ecosystem, Axios has over 3.6 billion annual downloads and more than 174,000 projects that directly or indirectly depend on it. A number of users have already been infected with malicious code while installing OpenClaw …
IoC
http://sfrclak.com:8000/6202033
142.11.196.73
142.11.199.73
142.11.206.73
rule G_Backdoor_WAVESHAPER_1 {
  meta:
    author = "Google Threat Intelligence Group (GTIG)"
    date_created = "2025-11-03"
    date_modified = "2025-11-03"
    md5 = "c91725905b273e81e9cc6983a11c8d60"
    rev = 1
  strings:
    $str1 = "mozilla/4.0 (compatible; msie 8.0; windows nt 5.1; trident/4.0)"
    $str2 = "/tmp/.%s"
    $str3 = "grep \"Install Succeeded\" /var/log/install.log | awk '{print $1, $2}'"
    $str4 = "sysctl -n hw.model"
    $str5 = "sysctl -n machdep.cpu.brand_string"
    $str6 = "sw_vers --ProductVersion"
  condition:
    all of them
}
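The YARA rule above covers the sample on disk; the network indicators in the IoC list are what a defender would sweep DNS and proxy logs for. The following is an added example, not ThreatBook's or GTIG's code, that turns the URL and IP indicators above into a matcher and runs it over constructed sample log lines. The two log formats, the client addresses and the non-IoC destination addresses are assumptions made for the example; it also goes slightly beyond the list by flagging the indicator hostname when it is reached on a different port or path.

```python
import re
from urllib.parse import urlsplit

# Network indicators quoted in the IoC appendix above.
IOC_URLS = ["http://sfrclak.com:8000/6202033"]
IOC_IPS = {"142.11.196.73", "142.11.199.73", "142.11.206.73"}

# Split each URL indicator into the forms different log sources expose:
# a bare hostname (DNS logs) and a (host, port, path) tuple (proxy logs).
_PARTS = [urlsplit(u) for u in IOC_URLS]
IOC_HOSTS = {p.hostname.lower() for p in _PARTS}
IOC_ENDPOINTS = {(p.hostname.lower(), p.port or 80, p.path) for p in _PARTS}

# Constructed log formats for this example (hypothetical, not from the page).
DNS_RE = re.compile(r"^(?P<ts>\S+) dns client=(?P<client>\S+) query=(?P<qname>\S+)$")
PROXY_RE = re.compile(r"^(?P<ts>\S+) proxy client=(?P<client>\S+) dst=(?P<dst>\S+) "
                      r"(?P<method>[A-Z]+) (?P<url>\S+)$")

def match_line(line):
    """Return (kind, indicator) when a log line touches an IoC, else None."""
    m = DNS_RE.match(line)
    if m:
        qname = m.group("qname").rstrip(".").lower()  # drop the trailing root dot
        return ("dns", qname) if qname in IOC_HOSTS else None
    m = PROXY_RE.match(line)
    if m:
        dst_host = m.group("dst").rsplit(":", 1)[0]  # strip ":port" (IPv4 only)
        if dst_host in IOC_IPS:
            return ("ip", dst_host)
        p = urlsplit(m.group("url"))
        key = ((p.hostname or "").lower(), p.port or 80, p.path)
        if key in IOC_ENDPOINTS:
            return ("url", m.group("url"))
        if key[0] in IOC_HOSTS:  # same host reached on another port or path
            return ("host", key[0])
    return None

def scan(lines):
    """Return [(line_number, (kind, indicator)), ...] for every matching line."""
    return [(n, hit) for n, line in enumerate(lines, 1) if (hit := match_line(line))]

# Constructed sample log; client and non-IoC addresses are placeholders.
SAMPLE_LOG = """\
2026-03-30T10:01:02Z dns client=10.0.0.5 query=registry.npmjs.org.
2026-03-30T10:01:07Z dns client=10.0.0.5 query=sfrclak.com.
2026-03-30T10:01:08Z proxy client=10.0.0.5 dst=203.0.113.10:8000 GET http://sfrclak.com:8000/6202033
2026-03-30T10:03:41Z proxy client=10.0.0.7 dst=142.11.199.73:443 CONNECT 142.11.199.73:443
2026-03-30T10:04:15Z proxy client=10.0.0.9 dst=198.51.100.7:443 GET https://example.com/
""".splitlines()
```

Calling `scan(SAMPLE_LOG)` flags lines 2, 3 and 4 of the sample; for production use the regexes would be swapped for the actual DNS and proxy log formats in place.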