Malicious npm Package Turns Hugging Face Into Malware CDN

A rogue npm package has turned Hugging Face into a malware delivery network. This affects developers relying on the platform, raising serious security concerns. Immediate action is needed to secure systems and rotate sensitive information.

Original Reporting

Cyber Security News · Tushar Subhra Dutta

AI Summary

CyberPings AI · Reviewed by Rohit Rana

🎯 Basically, a bad software package turned a trusted website into a tool for stealing data.

What Happened

A rogue npm package named js-logger-pack has been discovered exploiting Hugging Face, a trusted AI model hosting platform. This package operates as both a malware delivery network and a backend for stolen data storage. The attack signifies a worrying trend where attackers misuse legitimate cloud services for supply chain attacks while remaining undetected.

How It Works

Initially, the package appears harmless. When developers install it, a benign logger is loaded, masking the true threat. The attack begins with a postinstall script that runs automatically, launching a hidden downloader while the visible npm install command completes normally. Depending on the operating system, it fetches one of four malicious binaries from a public Hugging Face repository controlled by the attacker, known as Lordplay/system-releases.

Technical Details

JFrog Security researchers analyzed the payload and found that the same cross-platform JavaScript bundle was injected into each container, indicating a single implant wrapped in various Node.js runtime containers. Once deployed, the implant established persistence through methods such as scheduled tasks on Windows, LaunchAgent entries on macOS, and systemd user units on Linux. It began sending system information to a command-and-control server over WebSocket.

Who's Being Targeted

The attack primarily targets developers using npm packages, particularly those who may not be vigilant about the packages they install. This includes developers across various platforms who rely on Hugging Face for AI model hosting.

Signs of Infection

Indicators of infection include unexpected background processes initiated during npm installations, unusual network activity directed towards the command-and-control server, and unauthorized uploads to Hugging Face datasets.

How to Protect Yourself

To mitigate risks, developers should:

Detection

  1. Rotate all secrets immediately, including AWS keys and database passwords.
  2. Remove all persistence artifacts by deleting scheduled tasks or registry entries related to the malware.

Removal

  3. Purge the package from their systems and clear the npm cache.
  4. Review all package.json changes carefully to ensure no unwanted dependencies are introduced.
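
Because the attack described above starts from a postinstall script that runs automatically, one practical review step is to list every locked dependency that npm marks as having an install-time script. The following is an added example, not code from the original report or from JFrog; it assumes a package-lock.json with lockfileVersion 2 or 3, and the sample lockfile, its package names other than js-logger-pack, and all versions are constructed.

```javascript
// Added example: audit package-lock.json text (lockfileVersion 2 or 3) for
// dependencies that run install-time lifecycle scripts.
// KNOWN_BAD holds the one package name given in the article.
const KNOWN_BAD = new Set(['js-logger-pack']);

// Turn a lockfile "packages" key such as
// "node_modules/a/node_modules/@scope/b" into the package name "@scope/b".
function nameFromLockPath(path) {
  const marker = 'node_modules/';
  const i = path.lastIndexOf(marker);
  return i === -1 ? path : path.slice(i + marker.length);
}

// Returns one finding per locked package that either matches KNOWN_BAD or is
// flagged by npm as having a preinstall/install/postinstall script.
function auditLockfile(lockText) {
  const lock = JSON.parse(lockText);
  if (!lock.packages) {
    throw new Error('no "packages" map: lockfileVersion 2 or 3 required');
  }
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages)) {
    if (path === '') continue; // the root project itself
    const name = nameFromLockPath(path);
    const knownBad = KNOWN_BAD.has(name);
    const hasInstallScript = meta.hasInstallScript === true;
    if (knownBad || hasInstallScript) {
      findings.push({ name, version: meta.version, path, knownBad, hasInstallScript });
    }
  }
  // Known-bad entries first, then alphabetical by name.
  return findings.sort((a, b) => (b.knownBad - a.knownBad) || a.name.localeCompare(b.name));
}

// Constructed sample lockfile; names and versions are placeholders.
const SAMPLE_LOCK = JSON.stringify({
  name: 'demo-app', lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/plain-lib': { version: '0.0.0-sample' },
    'node_modules/native-addon': { version: '0.0.0-sample', hasInstallScript: true },
    'node_modules/wrapper/node_modules/js-logger-pack': { version: '0.0.0-sample', hasInstallScript: true },
  },
});

for (const f of auditLockfile(SAMPLE_LOCK)) {
  console.log(`${f.knownBad ? 'KNOWN-BAD' : 'REVIEW   '} ${f.name}@${f.version} (${f.path})`);
}
```

Pass the text of a project's own package-lock.json to `auditLockfile` to get the same report. Installing with npm's `--ignore-scripts` flag prevents lifecycle scripts from running while the flagged packages are reviewed.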

What Makes This Alarming

The most concerning aspect of this campaign is the use of Hugging Face as a data exfiltration channel. Instead of sending stolen files to a private server, the attacker uploads data directly into private Hugging Face datasets, effectively using the platform's infrastructure for data theft. This method not only reduces the attacker's risk of detection but also complicates efforts to trace stolen data back to its source.

Conclusion

This incident underscores the need for vigilance in software supply chains. Developers must be cautious about the packages they install and regularly audit their dependencies to avoid falling victim to such sophisticated attacks.

🔒 Pro Insight

This incident highlights the growing trend of leveraging trusted platforms for malicious activities, emphasizing the need for enhanced scrutiny in software supply chains.
