At least 187 code packages made available through the JavaScript repository NPM<\/strong> have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub<\/strong>, experts warn.\u00a0The malware, which briefly infected multiple code packages from the security vendor CrowdStrike<\/strong>, steals and publishes even more credentials every time an infected package is installed.<\/p>\n Image: https:\/\/en.wikipedia.org\/wiki\/Sandworm_(Dune)<\/p>\n<\/div>\n The novel malware strain is being dubbed Shai-Hulud<\/strong> \u2014 after the name for the giant sandworms in Frank Herbert\u2019s Dune<\/em> novel series \u2014 because it publishes any stolen credentials in a new public GitHub repository that includes the name \u201cShai-Hulud.\u201d<\/p>\n \u201cWhen a developer installs a compromised package, the malware will look for a npm token in the environment,\u201d said Charlie Eriksen<\/strong>, a researcher for the Belgian security firm Aikido<\/a>. \u201cIf it finds it, it will modify the 20 most popular packages that the npm token has access to, copying itself into the package, and publishing a new version.\u201d<\/p>\n At the center of this developing maelstrom are code libraries available on NPM<\/strong><\/a> (short for \u201cNode Package Manager\u201d), which acts as a central hub for JavaScript development and provides the latest updates to widely-used JavaScript components.<\/p>\n The Shai-Hulud worm emerged just days after unknown attackers launched a broad phishing campaign<\/a> that spoofed NPM and asked developers to \u201cupdate\u201d their multi-factor authentication login options. That attack led to malware being inserted into at least two-dozen NPM code packages, but the outbreak was quickly contained and was narrowly focused on siphoning cryptocurrency payments.<\/p>\n Image: aikido.dev<\/p>\n<\/div>\n In late August, another compromise of an NPM developer resulted in malware being added to \u201cnx<\/strong>,\u201d an open-source code development toolkit with as many as six million weekly downloads. In the nx compromise, the attackers introduced code that scoured the user\u2019s device for authentication tokens from programmer destinations like GitHub and NPM, as well as SSH and API keys. But instead of sending those stolen credentials to a central server controlled by the attackers, the malicious nx code created a new public repository in the victim\u2019s GitHub account, and published the stolen data there for all the world to see and download.<\/p>\n Last month\u2019s attack on nx did not self-propagate like a worm, but this Shai-Hulud malware does and bundles reconnaissance tools to assist in its spread. Namely, it uses the open-source tool TruffleHog<\/a> to search for exposed credentials and access tokens on the developer\u2019s machine. It then attempts to create new GitHub actions and publish any stolen secrets.<\/p>\n \u201cOnce the first person got compromised, there was no stopping it,\u201d Aikido\u2019s Eriksen told KrebsOnSecurity. He said the first NPM package compromised by this worm appears to have been altered on Sept. 14, around 17:58 UTC.<\/p>\n The security-focused code development platform socket.dev<\/strong> reports<\/a> the Shai-Halud attack briefly compromised at least 25 NPM code packages managed by CrowdStrike. Socket.dev said the affected packages were quickly removed by the NPM registry.<\/p>\n In a written statement shared with KrebsOnSecurity, CrowdStrike said that after detecting several malicious packages in the public NPM registry, the company swiftly removed them and rotated its keys in public registries.<\/p>\n \u201cThese packages are not used in the Falcon sensor, the platform is not impacted and customers remain protected,\u201d the statement reads, referring to the company\u2019s widely-used endpoint threat detection service. \u201cWe are working with NPM and conducting a thorough investigation.\u201d<\/span><\/p>\n![\"\"](\"https:\/\/i0.wp.com\/krebsonsecurity.com\/wp-content\/uploads\/2025\/09\/shai-hulud.png?resize=704%2C619&ssl=1\")
<\/p>\n![\"\"](\"https:\/\/i0.wp.com\/krebsonsecurity.com\/wp-content\/uploads\/2025\/09\/shai-hulud-packages.png?resize=749%2C440&ssl=1\")
<\/p>\n