The digital dunes have shifted once again, signaling the return of one of the most persistent threats to the npm ecosystem: the Shai-Hulud worm. Dubbed "Shai-Hulud 3.0", this new variant was recently discovered propagating through a malicious package, @vietmoney/react-big-calendar@0.26.2, with stealthier and more resilient capabilities. Dismiss this as just another vulnerable software package to patch at your peril.
While its core goal remains the same, to steal sensitive secrets from developer and CI/CD environments, the latest evolution demonstrates the attacker's commitment to increased longevity and wider reach, making robust software supply chain security more critical than ever.
Key Upgrades in the New Worm
Analysis of Shai-Hulud 3.0 reveals a series of technical enhancements designed to improve reliability and evade detection:
- Enhanced Obfuscation: The new strain features increased code obfuscation, making static analysis and manual code review more challenging. The threat actor appears to have access to the original source code, suggesting a continuous, well-resourced campaign.
- Improved Reliability: The malware has improved its error handling, particularly for the secrets-harvesting tool, TruffleHog, allowing it to time out more gracefully. Crucially, it now explicitly supports Windows environments by checking the platform and invoking bun.exe, broadening its potential attack surface.
- The Dead-Man Switch is Gone: Unlike previous versions that included a function to stop the attack, this variant appears to have removed the "dead-man switch," indicating a desire for sustained, ongoing exfiltration. This is an indiscriminate ‘fire and forget’ weapon with no way of calling off the attack.
- New Artifacts & Metadata: The malware uses updated file names for its payload (bun_installer.js and environment_source.js) and exfiltrated data (3nvir0nm3nt.json, cl0vd.json, c9nt3nts.json). It also uses the distinct GitHub repository description, "Goldox-T3chs: Only Happy Girl," for its command-and-control infrastructure.
How the Attack Works
The attack vector remains a classic and highly effective supply chain tactic:
- Install-Time Execution: The malicious package contains a preinstall script in its package.json. This script executes automatically upon installation in an NPM environment, making it a "zero-click" threat that fires before developers or automated scanners can intervene.
- Payload Execution: The script launches bun_installer.js, which then loads the primary payload, environment_source.js.
- Secret Harvesting: The payload's main function is to use TruffleHog to scan the local system for high-value secrets, including:
- API tokens (e.g., npm tokens)
- Cloud credentials
- CI/CD secrets
The harvested secrets are written to disk and then exfiltrated to the attacker's GitHub-controlled infrastructure.
"Attacking the core of the software supply chain gives attackers a broad scope to harvest credentials and cause chaos. We expect to see a rise in similar high-impact attacks across multiple software development ecosystems."

Mitigation Guidance: Hardening Your Software Supply Chain
Reactive measures are not enough, and they are almost always too late to make a meaningful difference. Organizations must implement proactive controls to secure their environment against this and future supply chain attacks. Immediate actions to take are:
- Audit and Remove: Immediately audit your environments for the package @vietmoney/react-big-calendar@0.26.2 and remove it from all projects.
- Rotate Credentials: Assume any environment that installed the package is compromised. Rotate all secrets and credentials accessible from those affected build, developer, or CI/CD systems (Cloud, Git, npm, etc.).
- Check Artifacts: Monitor repositories and systems for the presence of the new exfiltrated data artifacts, such as 3nvir0nm3nt.json or c9nt3nts.json.
Mondoo Helps You Build Long-Term Defenses
Mondoo checks your complete infrastructure for indicators of compromise related to this threat. By integrating the IoCs (Indicators of Compromise) found in the sources into a scanning workflow, you can secure your environment:
- Infrastructure-Wide Auditing: Mondoo scans your entire infrastructure, including virtual machines, containers, and cloud environments, to detect files used by Shai-Hulud 3.0, such as bun_installer.js or 3nvir0nm3nt.json.
- Configuration Enforcement: Mondoo audits your development environments to ensure that ignore-scripts is correctly set to true. This blocks the postinstall and preinstall hooks, which are the primary infection vectors for this strain.
- Secrets Management & Posture: Ensure that secrets are not left exposed in environments or source code. Mondoo's deep scanning capabilities help continuously audit your CI/CD pipelines, container images, and infrastructure-as-code for hardcoded or improperly configured secrets, limiting the potential haul for any worm that breaches your defenses.
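As an added example (not Mondoo's tooling and not code from the malicious package), the following Node.js helper implements the checks from the immediate-actions list and the ignore-scripts point above, entirely offline: it flags the malicious package version in a parsed package-lock.json, lists install-time lifecycle hooks declared in a package.json, matches file paths against the artifact names the post lists, and reads whether ignore-scripts=true is set in .npmrc text. The function names and the sample inputs are my own constructions.

```javascript
// Added example, not Mondoo's or the package's code: a small offline audit
// helper for the indicators the post lists. Inputs are plain objects/strings.
const BAD_PACKAGE = '@vietmoney/react-big-calendar';
const BAD_VERSION = '0.26.2';
// Payload and exfiltration file names the post attributes to Shai-Hulud 3.0.
const ARTIFACTS = ['bun_installer.js', 'environment_source.js',
  '3nvir0nm3nt.json', 'cl0vd.json', 'c9nt3nts.json'];
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Walk a package-lock.json (lockfileVersion 2/3 "packages" map) and return
// the node_modules paths that resolve to the malicious package version.
function findMaliciousPackage(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = meta.name || path.split('node_modules/').pop();
    if (name === BAD_PACKAGE && meta.version === BAD_VERSION) hits.push(path);
  }
  return hits;
}

// Which install-time lifecycle scripts does a package.json declare? These run
// automatically on "npm install" unless ignore-scripts is set.
function installHooks(pkgJson) {
  const scripts = pkgJson.scripts || {};
  return INSTALL_HOOKS.filter((h) => typeof scripts[h] === 'string');
}

// From a list of file paths (e.g. a filesystem walk), keep those whose
// basename is a known artifact name.
function findArtifacts(paths) {
  return paths.filter((p) => ARTIFACTS.includes(p.split(/[\\/]/).pop()));
}

// Parse .npmrc text and report whether ignore-scripts=true is in effect
// (comment lines are skipped; the last assignment wins).
function ignoreScriptsEnabled(npmrcText) {
  let enabled = false;
  for (const raw of npmrcText.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#') || line.startsWith(';')) continue;
    const [key, ...rest] = line.split('=');
    if (key.trim() === 'ignore-scripts') enabled = rest.join('=').trim() === 'true';
  }
  return enabled;
}

// Constructed sample inputs (not real data) so the script runs stand-alone.
const sampleLock = { packages: { 'node_modules/@vietmoney/react-big-calendar': { version: '0.26.2' } } };
console.log(findMaliciousPackage(sampleLock), installHooks({ scripts: { preinstall: 'node bun_installer.js' } }));
console.log(findArtifacts(['proj/3nvir0nm3nt.json', 'src/app.js']), ignoreScriptsEnabled('ignore-scripts=true\n'));
```

In a real audit, feed `findMaliciousPackage` every package-lock.json in the organization and `findArtifacts` a recursive listing of home directories, CI workspaces, and container layers.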
The evolution of Shai-Hulud is a stark reminder that the software supply chain remains a primary target. We expect to see a rise of similar high-impact attacks across multiple software development ecosystems.
By adopting a continuous security posture management approach, organizations can move from reactive patching to proactive defense, effectively taming the sandworm before it breaches the golden path to your secrets.