Axios npm Package Compromised: Supply Chain Attack Deploys Cross-Platform RAT

By Noqta Team


BREAKING (March 31, 2026): Two malicious versions of axios — one of npm's most depended-on packages with 83+ million weekly downloads — were published to the npm registry after an attacker compromised the account of lead maintainer "jasonsaayman." The attack deployed a cross-platform remote access trojan (RAT) capable of executing arbitrary commands and exfiltrating data.

If you use axios in any project, check your lockfiles now. We've built a free detection & remediation tool to help.

What Happened

Timeline

Time (UTC)       Event
Mar 30, 05:59    plain-crypto-js@4.2.0 published (clean staging copy)
Mar 30, 23:59    plain-crypto-js@4.2.1 published (malicious payload)
Mar 31, ~00:00   axios@1.14.1 published with plain-crypto-js dependency
Mar 31, 00:05    Socket.dev automated detection flagged the package
Mar 31, ~00:39   axios@0.30.4 published — second branch hit in 39 minutes
Mar 31, ~02:00   Malicious versions removed from npm

The attack was meticulously planned. The clean version of plain-crypto-js was staged 18 hours before the malicious payload. Three OS-specific payloads were pre-built. Both the 1.x and 0.x branches were hit within 39 minutes — suggesting automation.

How the Account Was Compromised

The attacker gained control of the npm account belonging to jasonsaayman, axios's lead maintainer, and changed the associated email to a Proton Mail address. Early investigation suggests a long-lived npm token was still active alongside the project's trusted publishing setup, allowing the attacker to publish without triggering standard CI/CD controls.

Axios maintainers reported they initially couldn't revoke the attacker's access because the compromised account had higher permissions than their own.

The Malicious Payload

The injected dependency plain-crypto-js@4.2.1 contains a multi-stage payload:

  1. Installation hook: A postinstall script in the axios package triggers execution
  2. Platform detection: The malware identifies the OS and downloads a platform-specific binary
  3. RAT deployment:
    • macOS: AppleScript-based dropper → /Library/Caches/com.apple.act.mond
    • Windows: PowerShell dropper → %PROGRAMDATA%\wt.exe
    • Linux: Shell-based dropper with process persistence
  4. C2 communication: Connects to sfrclak[.]com:8000 for command & control
  5. Self-destruction: The malware deletes itself and replaces package.json with a clean version to avoid detection

CVSS Score: 9.3 (Critical)

Affected Versions

Package           Compromised   Safe
axios (1.x)       1.14.1        1.14.0 ✅
axios (0.x)       0.30.4        0.30.3 ✅
plain-crypto-js   4.2.1         Should not exist in your deps

Both malicious versions have been removed from npm, but if you installed them during the window, your system may be compromised.

How to Check If You're Affected

We've created check-axios-attack — a free, open-source detection and remediation tool:

# Quick scan
curl -fsSL https://noqta.tn/tools/check-axios-attack.sh | bash
 
# Scan and auto-fix
curl -fsSL https://noqta.tn/tools/check-axios-attack.sh | bash -s -- --fix
 
# Scan specific project
bash check-axios-attack.sh --path /your/project --verbose

Or check manually:

# Check lockfiles (dots escaped, and the version must not be followed by another
# digit, so 1.14.10 is not reported; a version hit alone can still be a different
# package at that version, so confirm the matching line belongs to axios)
grep -E "(1\.14\.1|0\.30\.4)([^0-9]|$)" package-lock.json yarn.lock pnpm-lock.yaml 2>/dev/null
grep "plain-crypto-js" package-lock.json yarn.lock pnpm-lock.yaml 2>/dev/null
 
# Check installed packages
ls node_modules/plain-crypto-js 2>/dev/null && echo "⚠️ AFFECTED" || echo "✅ Clean"
 
# Check system for RAT (macOS)
ls -la /Library/Caches/com.apple.act.mond 2>/dev/null

📖 Full step-by-step guide: How to Check & Fix the Axios Supply Chain Attack

If You're Affected: Immediate Actions

  1. Rotate ALL secrets — API keys, database passwords, tokens, certificates, SSH keys
  2. Isolate affected machines from your network
  3. Downgrade axios: npm install axios@1.14.0 (or axios@0.30.3 if you are on the 0.x branch)
  4. Remove malicious dependency: rm -rf node_modules/plain-crypto-js
  5. Clean reinstall: rm -rf node_modules && npm ci
  6. Audit CI/CD pipelines — check if compromised builds were deployed
  7. Check for RAT indicators — see our detection guide
  8. Report to your security team

Why This Matters

Axios is embedded in millions of projects — from React frontends to Node.js backends, enterprise APIs to startup MVPs. The npm ecosystem's dependency model means a single compromised package can cascade across the entire software supply chain.

This attack highlights systemic risks:

  • Account security: A single maintainer's compromised credentials can poison millions of installs
  • Dependency trust: Most projects auto-install dependencies without auditing them
  • Detection gaps: The malware self-destructs, making forensics difficult
  • Token management: Long-lived npm tokens are a persistent vulnerability

Prevention

  • Pin exact versions in package.json (no ^ or ~ for critical deps)
  • Use lockfiles and always install with npm ci / yarn --frozen-lockfile
  • Enable npm 2FA on all maintainer accounts
  • Use supply chain security tools: Socket.dev, Snyk, npm audit
  • Monitor dependency changes in CI/CD pipelines
  • Use scoped registries for internal packages

FAQ

Is axios safe to use now?

Yes — the malicious versions (1.14.1 and 0.30.4) have been removed from npm. Use 1.14.0 or 0.30.3.

How many projects were affected?

The exact number is unknown. Axios has 83M+ weekly downloads, but the malicious versions were live for approximately 2 hours before removal.

Does this affect my frontend React/Vue/Angular app?

If your package-lock.json or yarn.lock resolved to axios 1.14.1 or 0.30.4 during the attack window, yes. Check your lockfiles.

What does the RAT do?

The RAT can execute arbitrary commands on your system, exfiltrate data, and persist across reboots. It communicates with a C2 server at sfrclak[.]com:8000.

How can I prevent this in the future?

Pin versions, use lockfiles, enable 2FA, and use supply chain security tools. Read our full prevention guide.
