Urgent supply-chain poisoning alert | Sha1-Hulud variant worm strikes: open-source community hit again by large-scale poisoning and credential-theft attack
The Xmirror Supply Chain Security Intelligence Center is the first digital supply-chain security intelligence research center in China. Built on the Xmirror security team's supply-chain SBOM management and monitoring capabilities and its AI-driven cloud security big-data analysis, the Xmirror Yunmai XSBOM digital supply-chain security intelligence alerting service continuously monitors and traces global supply-chain poisoning intelligence, vulnerability intelligence, and end-of-service/supply-cutoff intelligence, delivering precise "relevant to me" alerts and enterprise services such as intelligence lookup, subscription, and visual correlation analysis.
Summary
Today (2025-11-24), Xmirror Security once again observed large-scale Sha1-Hulud variant poisoning activity in the NPM registry and on GitHub. To date, more than 27,000 open-source projects have been affected, including several popular packages with cumulative downloads above 100 million.
Xmirror Security first captured and disclosed this supply-chain code-poisoning campaign against several popular NPM projects on 15 September this year (see the earlier advisory "Urgent supply-chain poisoning alert | NPM ecosystem hit again by account-takeover attacks, triggering a new round of open-source supply-chain poisoning"). The campaign is highly infectious and self-propagating, and the security community has named it the Sha1-Hulud worm. Sha1-Hulud implants obfuscated malicious files into NPM package sources; during package installation they silently steal the victim's platform information, environment variables, and tokens and credentials for major services (NPM, GitHub, AWS, Azure, GCP and others), then exfiltrate the stolen secrets to GitHub by creating repositories and running GitHub Actions. Once an attacker holds tokens for a development environment, they can mount further and deeper supply-chain attacks. Compared with the first Sha1-Hulud wave, this variant's code is more complex, more heavily obfuscated, and spreads more widely.
As of now, many NPM packages infected by the Sha1-Hulud variant are still hosted as normal in the NPM registry and in downstream mirror registries. Enterprises and developers that depend on open-source NPM packages should stay alert to potential supply-chain poisoning. Xmirror Security will continue to track this campaign and issue alerts as soon as new findings emerge.

Figure: over 27,000 projects hit by the Sha1-Hulud poisoning worm
Poisoning Analysis
This Sha1-Hulud variant directly tampers with the target NPM project's package.json and drops two malicious files, setup_bun.js and bun_environment.js. setup_bun.js downloads from GitHub the runtime that the credential-stealing script needs, and finally loads bun_environment.js, which performs the credential theft and exfiltration.
1. Malicious file implantation
Take posthog-js 1.297.3 from the popular PostHog project as an example: the attacker added a preinstall script to package.json so that the first-stage malicious file, setup_bun.js, runs during package installation. Lifecycle scripts such as preinstall execute automatically on npm install, before any of the package's own code is ever imported, which is why the payload fires without the victim calling anything.

Figure: posthog-js project page

Figure: the tampered package.json
setup_bun.js's main job is to download and execute the second-stage remote (bash/PowerShell) install script from https://bun.sh. Note that bun.sh is the official site of the Bun JavaScript runtime, not attacker-controlled infrastructure: the worm abuses the legitimate Bun installer as a loader so that the download itself looks like routine tooling setup.

Figure: stage 1, the setup_bun.js malicious file
The second-stage remote script is shown below. It downloads the lightweight JavaScript runtime oven-sh/bun, matching the target's operating system and CPU architecture, from GitHub releases (https://github.com/oven-sh/bun/releases), and then uses bun to execute the third-stage malicious JavaScript file bun_environment.js.

Figure: stage 2, the remote install script
bun_environment.js contains nearly 10 MB of heavily obfuscated JavaScript.

Figure: stage 3, the obfuscated bun_environment.js
2. System information and token collection
bun_environment.js goes on to fingerprint the victim's platform (operating system type, CPU architecture, etc.) and, based on that, fetches the matching TruffleHog binary from GitHub (https://github.com/trufflesecurity/trufflehog) and runs it on the target system. TruffleHog is a legitimate open-source secret scanner; here it is turned against the victim to hunt the filesystem and local code repositories for high-entropy strings and credentials matching known token patterns. For defenders, an unexpected TruffleHog download or execution on a developer workstation or CI runner is therefore itself a strong indicator of compromise.

Figure: TruffleHog download and execution
The sensitive data collected by the malicious code includes platform data, environment variables, and tokens and keys for major services (NPM, GitHub, AWS, GCP, etc.), as shown below:

Figure: collection of environment variables and token credentials
3. Exfiltration of stolen data
bun_environment.js then exfiltrates the stolen data by creating a new GitHub repository and pushing the data, double-base64-encoded, into it. These repositories carry a fixed description: "Sha1-Hulud: The Second Coming.".

As shown below, once a victim is hit the sensitive data is leaked publicly on GitHub, and base64-decoding the repository contents recovers the GitHub token credentials.

Figure: encoded credential data being exfiltrated

Figure: leaked credential data
The following GitHub search lists the repositories created by the Sha1-Hulud variant, and therefore the projects whose secrets have leaked. A repository with this description appearing under your own account or organization is direct evidence that a host holding your GitHub token was infected.
https://github.com/search?q=Sha1-Hulud:+The+Second+Coming.&type=repositories
4. Worm propagation
In addition, bun_environment.js probes and modifies the npm configuration on the infected system and, combined with code injection, uses the stolen npm token to repackage and republish packages the victim maintains with the malicious payload. This is what gives the campaign its worm-like propagation: every compromised maintainer becomes a new distribution point.

Figure: repackaging and publishing poisoned npm packages
5. Affected projects
As of now, the NPM open-source projects hit by this Sha1-Hulud variant worm are summarized below (package URLs, one per line):
pkg:npm/@actbase/css-to-react-native-transform
pkg:npm/@actbase/node-server
pkg:npm/@actbase/react-absolute
pkg:npm/@actbase/react-daum-postcode
pkg:npm/@actbase/react-kakaosdk
pkg:npm/@actbase/react-native-actionsheet
pkg:npm/@actbase/react-native-devtools
pkg:npm/@actbase/react-native-fast-image
pkg:npm/@actbase/react-native-kakao-channel
pkg:npm/@actbase/react-native-kakao-navi
pkg:npm/@actbase/react-native-less-transformer
pkg:npm/@actbase/react-native-naver-login
pkg:npm/@actbase/react-native-simple-video
pkg:npm/@actbase/react-native-tiktok
pkg:npm/@alaan/s2s-auth
pkg:npm/@aryanhussain/my-angular-lib
pkg:npm/@asyncapi/avro-schema-parser
pkg:npm/@asyncapi/bundler
pkg:npm/@asyncapi/cli
pkg:npm/@asyncapi/converter
pkg:npm/@asyncapi/diff
pkg:npm/@asyncapi/dotnet-rabbitmq-template
pkg:npm/@asyncapi/edavisualiser
pkg:npm/@asyncapi/generator
pkg:npm/@asyncapi/generator-components
pkg:npm/@asyncapi/generator-helpers
pkg:npm/@asyncapi/generator-react-sdk
pkg:npm/@asyncapi/go-watermill-template
pkg:npm/@asyncapi/html-template
pkg:npm/@asyncapi/java-spring-cloud-stream-template
pkg:npm/@asyncapi/java-spring-template
pkg:npm/@asyncapi/java-template
pkg:npm/@asyncapi/keeper
pkg:npm/@asyncapi/markdown-template
pkg:npm/@asyncapi/modelina
pkg:npm/@asyncapi/modelina-cli
pkg:npm/@asyncapi/multi-parser
pkg:npm/@asyncapi/nodejs-template
pkg:npm/@asyncapi/nodejs-ws-template
pkg:npm/@asyncapi/nunjucks-filters
pkg:npm/@asyncapi/openapi-schema-parser
pkg:npm/@asyncapi/optimizer
pkg:npm/@asyncapi/parser
pkg:npm/@asyncapi/php-template
pkg:npm/@asyncapi/problem
pkg:npm/@asyncapi/protobuf-schema-parser
pkg:npm/@asyncapi/python-paho-template
pkg:npm/@asyncapi/react-component
pkg:npm/@asyncapi/server-api
pkg:npm/@asyncapi/specs
pkg:npm/@asyncapi/web-component
pkg:npm/@caretive/caret-cli
pkg:npm/@ensdomains/address-encoder
pkg:npm/@ensdomains/blacklist
pkg:npm/@ensdomains/buffer
pkg:npm/@ensdomains/ccip-read-cf-worker
pkg:npm/@ensdomains/ccip-read-dns-gateway
pkg:npm/@ensdomains/ccip-read-router
pkg:npm/@ensdomains/ccip-read-worker-viem
pkg:npm/@ensdomains/content-hash
pkg:npm/@ensdomains/curvearithmetics
pkg:npm/@ensdomains/cypress-metamask
pkg:npm/@ensdomains/dnsprovejs
pkg:npm/@ensdomains/dnssec-oracle-anchors
pkg:npm/@ensdomains/dnssecoraclejs
pkg:npm/@ensdomains/durin
pkg:npm/@ensdomains/durin-middleware
pkg:npm/@ensdomains/ens-archived-contracts
pkg:npm/@ensdomains/ens-avatar
pkg:npm/@ensdomains/ens-contracts
pkg:npm/@ensdomains/ens-test-env
pkg:npm/@ensdomains/ens-validation
pkg:npm/@ensdomains/ensjs
pkg:npm/@ensdomains/ensjs-react
pkg:npm/@ensdomains/eth-ens-namehash
pkg:npm/@ensdomains/hackathon-registrar
pkg:npm/@ensdomains/hardhat-chai-matchers-viem
pkg:npm/@ensdomains/hardhat-toolbox-viem-extended
pkg:npm/@ensdomains/mock
pkg:npm/@ensdomains/name-wrapper
pkg:npm/@ensdomains/offchain-resolver-contracts
pkg:npm/@ensdomains/op-resolver-contracts
pkg:npm/@ensdomains/react-ens-address
pkg:npm/@ensdomains/renewal
pkg:npm/@ensdomains/renewal-widget
pkg:npm/@ensdomains/reverse-records
pkg:npm/@ensdomains/server-analytics
pkg:npm/@ensdomains/solsha1
pkg:npm/@ensdomains/subdomain-registrar
pkg:npm/@ensdomains/test-utils
pkg:npm/@ensdomains/thorin
pkg:npm/@ensdomains/ui
pkg:npm/@ensdomains/unicode-confusables
pkg:npm/@ensdomains/unruggable-gateways
pkg:npm/@ensdomains/vite-plugin-i18next-loader
pkg:npm/@ensdomains/web3modal
pkg:npm/@hapheus/n8n-nodes-pgp
pkg:npm/@kvytech/cli
pkg:npm/@kvytech/components
pkg:npm/@kvytech/medusa-plugin-announcement
pkg:npm/@kvytech/medusa-plugin-management
pkg:npm/@kvytech/medusa-plugin-newsletter
pkg:npm/@kvytech/medusa-plugin-product-reviews
pkg:npm/@kvytech/web
pkg:npm/@louisle2/core
pkg:npm/@louisle2/cortex-js
pkg:npm/@markvivanco/app-version-checker
pkg:npm/@mcp-use/cli
pkg:npm/@mcp-use/inspector
pkg:npm/@mcp-use/mcp-use
pkg:npm/@mparpaillon/connector-parse
pkg:npm/@mparpaillon/imagesloaded
pkg:npm/@mparpaillon/page
pkg:npm/@orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode
pkg:npm/@orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode
pkg:npm/@orbitgtbelgium/orbit-components
pkg:npm/@orbitgtbelgium/time-slider
pkg:npm/@posthog/agent
pkg:npm/@posthog/ai
pkg:npm/@posthog/automatic-cohorts-plugin
pkg:npm/@posthog/cli
pkg:npm/@posthog/core
pkg:npm/@posthog/currency-normalization-plugin
pkg:npm/@posthog/customerio-plugin
pkg:npm/@posthog/databricks-plugin
pkg:npm/@posthog/event-sequence-timer-plugin
pkg:npm/@posthog/first-time-event-tracker
pkg:npm/@posthog/geoip-plugin
pkg:npm/@posthog/github-release-tracking-plugin
pkg:npm/@posthog/gitub-star-sync-plugin
pkg:npm/@posthog/hedgehog-mode
pkg:npm/@posthog/ingestion-alert-plugin
pkg:npm/@posthog/kinesis-plugin
pkg:npm/@posthog/maxmind-plugin
pkg:npm/@posthog/nextjs
pkg:npm/@posthog/nextjs-config
pkg:npm/@posthog/nuxt
pkg:npm/@posthog/pagerduty-plugin
pkg:npm/@posthog/piscina
pkg:npm/@posthog/plugin-contrib
pkg:npm/@posthog/plugin-unduplicates
pkg:npm/@posthog/react-rrweb-player
pkg:npm/@posthog/rrdom
pkg:npm/@posthog/rrweb
pkg:npm/@posthog/rrweb-player
pkg:npm/@posthog/rrweb-record
pkg:npm/@posthog/rrweb-snapshot
pkg:npm/@posthog/rrweb-utils
pkg:npm/@posthog/sendgrid-plugin
pkg:npm/@posthog/siphash
pkg:npm/@posthog/snowflake-export-plugin
pkg:npm/@posthog/taxonomy-plugin
pkg:npm/@posthog/twilio-plugin
pkg:npm/@posthog/twitter-followers-plugin
pkg:npm/@posthog/url-normalizer-plugin
pkg:npm/@posthog/variance-plugin
pkg:npm/@posthog/web-dev-server
pkg:npm/@posthog/wizard
pkg:npm/@postman/aether-icons
pkg:npm/@postman/csv-parse
pkg:npm/@postman/final-node-keytar
pkg:npm/@postman/mcp-ui-client
pkg:npm/@postman/node-keytar
pkg:npm/@postman/pm-bin-linux-x64
pkg:npm/@postman/pm-bin-macos-arm64
pkg:npm/@postman/pm-bin-macos-x64
pkg:npm/@postman/pm-bin-windows-x64
pkg:npm/@postman/postman-collection-fork
pkg:npm/@postman/postman-mcp-cli
pkg:npm/@postman/postman-mcp-server
pkg:npm/@postman/pretty-ms
pkg:npm/@postman/secret-scanner-wasm
pkg:npm/@postman/tunnel-agent
pkg:npm/@postman/wdio-allure-reporter
pkg:npm/@postman/wdio-junit-reporter
pkg:npm/@quick-start-soft/quick-document-translator
pkg:npm/@quick-start-soft/quick-git-clean-markdown
pkg:npm/@quick-start-soft/quick-markdown
pkg:npm/@quick-start-soft/quick-markdown-compose
pkg:npm/@quick-start-soft/quick-markdown-image
pkg:npm/@quick-start-soft/quick-task-refine
pkg:npm/@seung-ju/next
pkg:npm/@seung-ju/openapi-generator
pkg:npm/@seung-ju/react-hooks
pkg:npm/@seung-ju/react-native-action-sheet
pkg:npm/@strapbuild/react-native-date-time-picker
pkg:npm/@strapbuild/react-native-perspective-image-cropper
pkg:npm/@strapbuild/react-native-perspective-image-cropper-2
pkg:npm/@strapbuild/react-native-perspective-image-cropper-poojan31
pkg:npm/@trigo/atrix
pkg:npm/@trigo/atrix-acl
pkg:npm/@trigo/atrix-elasticsearch
pkg:npm/@trigo/atrix-mongoose
pkg:npm/@trigo/atrix-orientdb
pkg:npm/@trigo/atrix-postgres
pkg:npm/@trigo/atrix-pubsub
pkg:npm/@trigo/atrix-redis
pkg:npm/@trigo/atrix-soap
pkg:npm/@trigo/atrix-swagger
pkg:npm/@trigo/bool-expressions
pkg:npm/@trigo/eslint-config-trigo
pkg:npm/@trigo/fsm
pkg:npm/@trigo/hapi-auth-signedlink
pkg:npm/@trigo/jsdt
pkg:npm/@trigo/keycloak-api
pkg:npm/@trigo/node-soap
pkg:npm/@trigo/pathfinder-ui-css
pkg:npm/@trigo/trigo-hapijs
pkg:npm/@zapier/ai-actions
pkg:npm/@zapier/ai-actions-react
pkg:npm/@zapier/babel-preset-zapier
pkg:npm/@zapier/browserslist-config-zapier
pkg:npm/@zapier/eslint-plugin-zapier
pkg:npm/@zapier/mcp-integration
pkg:npm/@zapier/secret-scrubber
pkg:npm/@zapier/spectral-api-ruleset
pkg:npm/@zapier/stubtree
pkg:npm/@zapier/zapier-sdk
pkg:npm/asyncapi-preview
pkg:npm/atrix
pkg:npm/atrix-mongoose
pkg:npm/axios-builder
pkg:npm/bool-expressions
pkg:npm/bun-plugin-httpfile
pkg:npm/bytecode-checker-cli
pkg:npm/calc-loan-interest
pkg:npm/capacitor-plugin-apptrackingios
pkg:npm/capacitor-plugin-purchase
pkg:npm/capacitor-plugin-scgssigninwithgoogle
pkg:npm/capacitor-purchase-history
pkg:npm/capacitor-voice-recorder-wav
pkg:npm/claude-token-updater
pkg:npm/command-irail
pkg:npm/cpu-instructions
pkg:npm/create-glee-app
pkg:npm/create-hardhat3-app
pkg:npm/create-mcp-use-app
pkg:npm/crypto-addr-codec
pkg:npm/devstart-cli
pkg:npm/discord-bot-server
pkg:npm/dotnet-template
pkg:npm/esbuild-plugin-eta
pkg:npm/esbuild-plugin-httpfile
pkg:npm/eslint-config-trigo
pkg:npm/eslint-config-zeallat-base
pkg:npm/ethereum-ens
pkg:npm/evm-checkcode-cli
pkg:npm/exact-ticker
pkg:npm/expo-audio-session
pkg:npm/gate-evm-check-code2
pkg:npm/gate-evm-tools-test
pkg:npm/github-action-for-generator
pkg:npm/go-template
pkg:npm/iron-shield-miniapp
pkg:npm/jan-browser
pkg:npm/korea-administrative-area-geo-json-util
pkg:npm/lite-serper-mcp-server
pkg:npm/manual-billing-system-miniapp-api
pkg:npm/mcp-use
pkg:npm/medusa-plugin-announcement
pkg:npm/medusa-plugin-momo
pkg:npm/medusa-plugin-product-reviews-kvy
pkg:npm/medusa-plugin-zalopay
pkg:npm/n8n-nodes-tmdb
pkg:npm/open2internet
pkg:npm/orbit-boxicons
pkg:npm/orbit-nebula-draw-tools
pkg:npm/orbit-nebula-editor
pkg:npm/orbit-soap
pkg:npm/poper-react-sdk
pkg:npm/posthog-docusaurus
pkg:npm/posthog-js
pkg:npm/posthog-node
pkg:npm/posthog-plugin-hello-world
pkg:npm/posthog-react-native
pkg:npm/posthog-react-native-session-replay
pkg:npm/react-component-taggers
pkg:npm/react-element-prompt-inspector
pkg:npm/react-library-setup
pkg:npm/react-native-use-modal
pkg:npm/react-native-worklet-functions
pkg:npm/redux-forge
pkg:npm/redux-router-kit
pkg:npm/rollup-plugin-httpfile
pkg:npm/scgs-capacitor-subscribe
pkg:npm/scgsffcreator
pkg:npm/shinhan-limit-scrap
pkg:npm/skills-use
pkg:npm/test-foundry-app
pkg:npm/test-hardhat-app
pkg:npm/token.js-fork
pkg:npm/trigo-react-app
pkg:npm/typeorm-orbit
pkg:npm/vite-plugin-httpfile
pkg:npm/web-types-lit
pkg:npm/webpack-loader-httpfile
pkg:npm/zapier-async-storage
pkg:npm/zapier-platform-cli
pkg:npm/zapier-platform-core
pkg:npm/zapier-platform-legacy-scripting-runner
pkg:npm/zapier-platform-schema
pkg:npm/zapier-scripts
pkg:npm/zuper-cli
pkg:npm/zuper-sdk
pkg:npm/zuper-stream
Investigation Method
Taking the malicious posthog-js package as an example, developers can run npm list posthog-js in the project directory, or npm list -g posthog-js for global installs, to check whether the poisoned version (1.297.3) is installed. If it is, immediately run npm install posthog-js@1.297.2 or npm install -g posthog-js@1.297.2 to roll back to the latest safe version. Because the payload runs at install time and has already exfiltrated credentials by then, rolling back alone is not sufficient: rotate every NPM, GitHub and cloud token that was present on any host (developer machine or CI runner) where the poisoned version was installed, and check the GitHub search above for repositories created under your accounts.
Alternatively, the OpenSCA-cli tool can be used: save the affected packages as a db.json file in the format shown below, set the db.json path in the configuration file, and run the scan command directly (opensca-cli -path ${project_path}) to quickly learn whether your project is affected by the poisoned packages.
[
  {
    "product": "posthog-js",
    "version": "[1.297.3]",
    "language": "javascript",
    "id": "XMIRROR-MAL45-AC966442",
    "description": "NPM package posthog-js poisoned by the Sha1-Hulud worm; steals system platform information and application/business tokens and keys",
    "release_date": "2025-11-24"
  }
]