A coordinated 'Mini Shai-Hulud worm' campaign has compromised multiple npm packages from SAP and other developer tools, deploying credential-stealing malware that affects hundreds of thousands of weekly downloads and potentially exposes sensitive data across numerous organizations.
A sophisticated supply chain attack campaign has targeted multiple developer ecosystems, compromising official npm packages from SAP and other widely used tools. The attacks, dubbed 'Mini Shai-Hulud' by security researchers, represent a significant escalation in the ongoing battle against supply chain compromises that threaten the integrity of open-source software ecosystems.

The compromised packages include four official SAP JavaScript and cloud application development tools: [email protected], @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected]. Collectively, these packages receive approximately 572,000 weekly downloads, exposing potentially hundreds of thousands of developer environments to credential theft and further compromise.
"The compromised packages contain malicious preinstall scripts set to execute automatically on every npm install, running attacker-controlled code before any application code," explained security researchers from Wiz, which first identified the SAP-related compromises on April 29.
The Attack Mechanism
The Mini Shai-Hulud campaign employs a multi-stage payload that:
- Steals developer secrets including GitHub tokens, npm credentials, cloud secrets (AWS, Azure, GCP), Kubernetes tokens, and GitHub Actions secrets
- Self-propagates to additional repositories and package distributions
- Encrypts all stolen data
- Exfiltrates the encrypted secrets into new GitHub repositories under the victim's own account
"The second-stage payload is a credential stealer and propagation framework designed to target both developer environments and CI/CD pipelines," researchers noted. "It leverages advanced techniques such as extracting secrets from runner memory."
Extended Impact
On April 30, the campaign expanded to include additional packages:
- The intercom-client npm package (versions 7.0.4 and 7.0.5), which sees about 360,000 weekly downloads
- The PyPI package Lightning (versions 2.6.2 and 2.6.3), a deep learning framework with hundreds of thousands of daily downloads
"The attack closely resembles the [email protected] PyPI attack from earlier today, as well as the TeamPCP-linked supply chain campaign we reported yesterday affecting SAP CAP and Cloud MTA npm packages," noted security firm Socket, which maintains a dedicated page tracking the Mini Shai-Hulud campaign.
Attribution and Motivation
Both Wiz and Socket attribute the SAP compromise to TeamPCP, a cybercrime crew previously linked to attacks on Checkmarx, Bitwarden, Telnyx, LiteLLM, and Aqua Security's Trivy product. The coordinated nature of these attacks across multiple platforms suggests a sophisticated operation with significant resources.
Regulatory Implications
These supply chain attacks have significant legal and compliance implications under data protection regulations like GDPR and CCPA. When developer credentials and secrets are compromised, they can lead to unauthorized access to personal data stored in cloud services, potentially triggering notification requirements and substantial fines.
Under GDPR, organizations may face penalties up to 4% of annual global turnover or €20 million (whichever is higher) for failing to implement appropriate technical measures to protect personal data. Similarly, the CCPA in California imposes obligations on businesses to implement reasonable security procedures and practices appropriate to the nature of the information.
Impact on Organizations and Developers
The compromised packages affect multiple layers of the software development lifecycle:
- Direct developers: Those who install these packages directly in their projects
- Indirect users: Organizations that depend on applications built with these packages
- CI/CD pipelines: Automated build and deployment systems that may execute the malicious code
- Cloud environments: Where compromised credentials could lead to broader system access
The real exposure likely extends beyond direct dependencies because these packages are commonly installed in backend services, developer environments, and CI/CD pipelines that integrate with the respective APIs.
Mitigation and Response
Organizations should take immediate action:
- Audit development environments for installations of compromised packages
- Rotate all potentially exposed credentials, especially GitHub tokens, npm credentials, and cloud service keys
- Implement stricter package validation policies in CI/CD pipelines
- Consider using package integrity verification tools
- Review access controls for developer environments and repositories
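As an added example that is not part of the original article or any vendor tooling: a small Node script that audits a package-lock.json offline for the compromised intercom-client versions named above and for dependencies that declare install-time lifecycle scripts (the preinstall hook the campaign abused). The sample lockfile and the `@acme/hooked-lib` package are constructed; the SAP package names and versions are omitted because they were not recoverable from the page.

```javascript
// Added example, not code from the article or from SAP/Wiz/Socket.
// Flags (1) dependencies pinned to versions the article names as compromised
// and (2) dependencies that carry an install-time lifecycle script.
const KNOWN_BAD = {
  // versions reported as compromised in the article; extend as needed
  "intercom-client": new Set(["7.0.4", "7.0.5"]),
};

const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Constructed sample lockfile (lockfileVersion 3 layout), not a real project.
const SAMPLE_LOCK = {
  name: "sample-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "sample-app", dependencies: { "intercom-client": "^7.0.0" } },
    "node_modules/intercom-client": { version: "7.0.5" },
    "node_modules/left-pad": { version: "1.3.0" },
    "node_modules/@acme/hooked-lib": { version: "0.1.0", hasInstallScript: true },
  },
};

// "node_modules/@scope/name" or "node_modules/a/node_modules/b" -> package name.
function packageNameFromPath(lockPath) {
  const parts = lockPath.split("node_modules/");
  return parts[parts.length - 1];
}

// True when a package.json object declares any npm install-time lifecycle hook.
function hasInstallHook(pkgJson) {
  const scripts = (pkgJson && pkgJson.scripts) || {};
  return INSTALL_HOOKS.some((hook) => typeof scripts[hook] === "string");
}

// Walk every lockfile entry and return findings in lockfile order.
function auditLock(lock, knownBad = KNOWN_BAD) {
  const findings = [];
  for (const [lockPath, entry] of Object.entries(lock.packages || {})) {
    if (lockPath === "") continue; // the root project itself
    const name = packageNameFromPath(lockPath);
    if (Object.prototype.hasOwnProperty.call(knownBad, name) && knownBad[name].has(entry.version)) {
      findings.push({ name, version: entry.version, reason: "compromised-version" });
    }
    // npm lockfile v2/v3 sets this flag on packages that have install scripts
    if (entry.hasInstallScript === true) {
      findings.push({ name, version: entry.version, reason: "install-script" });
    }
  }
  return findings;
}

const report = auditLock(SAMPLE_LOCK);
report.forEach((f) => console.log(`${f.reason}: ${f.name}@${f.version}`));
```

Running `npm install --ignore-scripts` in CI stops lifecycle hooks such as preinstall from executing at install time, which would have blocked this campaign's first stage.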
SAP has published a security note for customers and partners, though it is accessible only to logged-in customers. The company did not respond to specific questions about the compromise.
Broader Context
These attacks represent a worrying trend in cybersecurity where attackers increasingly target the software supply chain rather than individual organizations. By compromising widely used developer tools, attackers can potentially breach thousands of organizations simultaneously with a single successful attack.
The digital rights implications are significant: when developer credentials are stolen, it not only threatens corporate security but also potentially exposes personal data of end users. This creates a ripple effect that extends far beyond the immediate development teams to affect the privacy and security of countless individuals.
As open-source software becomes increasingly central to modern infrastructure, the security of these ecosystems becomes a critical concern for digital rights and privacy advocates. The ongoing nature of these attacks suggests that we're in a new era of cyber threats that require fundamentally different approaches to software security and development practices.
