Executive Summary
In June 2026, Microsoft identified a significant supply chain attack targeting the Mastra AI ecosystem, attributed to the North Korean state-sponsored group Sapphire Sleet (also known as BlueNoroff). The attackers compromised an npm maintainer account, 'ehindero,' with publishing privileges across the Mastra package environment. They published malicious updates for over 140 packages within the @mastra scope, introducing a malicious dependency named 'easy-day-js,' a typosquat of the legitimate 'dayjs' JavaScript library. Upon installation, this dependency executed a post-install hook deploying a malware dropper on developers' devices, aiming to steal sensitive credentials, API keys, authentication tokens, and cryptocurrency wallets. The second-stage payload was a cross-platform information stealer designed to target Windows, Linux, and macOS systems, collecting host information, browser histories, installed applications, running processes, and checking for 166 cryptocurrency wallet browser extensions, including MetaMask, Phantom, Coinbase Wallet, Binance Wallet, and TronLink. The malware employed different persistence methods depending on the operating system, such as Windows Registry Run keys, macOS LaunchAgents, and Linux systemd services. Microsoft observed that systems communicating with the attackers' command-and-control servers exhibited follow-on activity consistent with Sapphire Sleet's previous campaigns, including the deployment of a PowerShell backdoor, additional persistence mechanisms, Microsoft Defender exclusions, and a malicious Windows service granting SYSTEM privileges. This incident underscores the evolving tactics of North Korean threat actors in targeting the software supply chain to facilitate credential theft and cryptocurrency asset exfiltration. Organizations are urged to enhance their supply chain security measures and remain vigilant against such sophisticated attacks.
Why This Matters Now
The Mastra AI supply chain attack highlights the increasing sophistication of state-sponsored cyber threats targeting software supply chains. With the rise of open-source dependencies in software development, attackers exploit these ecosystems to distribute malicious code widely. This incident serves as a critical reminder for organizations to implement robust supply chain security practices, conduct thorough code audits, and monitor for anomalous activities to mitigate the risk of similar attacks.
Attack Path Analysis
The attackers compromised an npm maintainer account to publish malicious updates, leading to the installation of malware on developers' devices. The malware escalated privileges to gain deeper system access, moved laterally to other systems, established command and control channels, exfiltrated sensitive data, and caused significant operational impact.
Kill Chain Progression
Initial Compromise
Description
Attackers compromised the npm maintainer account 'ehindero' to publish malicious updates for over 140 packages in the @mastra scope.
MITRE ATT&CK® Techniques
Supply Chain Compromise: Compromise Software Dependencies and Development Tools
Valid Accounts
Command and Scripting Interpreter: PowerShell
Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
Impair Defenses: Disable or Modify Tools
Input Capture: Keylogging
Data from Local System
Exfiltration Over C2 Channel
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Ensure the integrity of software and firmware
Control ID: 6.3.2
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Article 5
CISA ZTMM 2.0 – Supply Chain Risk Management
Control ID: 3.1
NIS2 Directive – Cybersecurity Risk Management Measures
Control ID: Article 21
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
Direct exposure to npm supply chain attacks targeting developer environments, with malicious packages compromising build systems and stealing API keys through typosquatting tactics.
Financial Services
Primary target of North Korean Sapphire Sleet group, facing cryptocurrency theft risks and credential harvesting attacks through compromised development tools and wallets.
Cryptocurrencies
Targeted for wallet extension compromise across 166 cryptocurrency platforms including MetaMask and Coinbase, enabling direct asset theft through developer system infiltration.
Information Technology/IT
Cross-platform malware deployment affecting Windows, Linux, and macOS systems, compromising IT infrastructure through persistent backdoors and privilege escalation mechanisms.
Sources
- Microsoft links Mastra AI supply chain attack to North Korean hackershttps://www.bleepingcomputer.com/news/security/microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers/Verified
- From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleethttps://www.microsoft.com/en-us/security/blog/2026/06/17/postinstall-payload-inside-mastra-npm-supply-chain-compromise/Verified
- Mastra npm: 144 packages compromised via supply chainhttps://www.secnews.gr/en/715710/mastra-npm-supply-chain-attack-easy-day-js/Verified
Frequently Asked Questions
Cloud Native Security Fabric Mitigations and ControlsCNSF
Aviatrix Zero Trust CNSF is pertinent to this incident as it could have limited the attacker's ability to escalate privileges, move laterally, establish command and control channels, and exfiltrate sensitive data, thereby reducing the overall impact.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: While Aviatrix Zero Trust CNSF primarily focuses on network-level controls, it could have limited the attacker's ability to exploit compromised credentials by enforcing strict network segmentation and access controls.
Control: Zero Trust Segmentation
Mitigation: Aviatrix Zero Trust Segmentation could have limited the malware's ability to escalate privileges by enforcing strict access controls and segmenting workloads, thereby reducing the attacker's ability to gain elevated access.
Control: East-West Traffic Security
Mitigation: Aviatrix East-West Traffic Security could have limited the malware's ability to move laterally by enforcing strict access controls and segmenting workloads, thereby reducing the attacker's ability to access other systems.
Control: Multicloud Visibility & Control
Mitigation: Aviatrix Multicloud Visibility & Control could have limited the malware's ability to establish command and control channels by enforcing strict access controls and monitoring network traffic, thereby reducing the attacker's ability to communicate with external infrastructure.
Control: Egress Security & Policy Enforcement
Mitigation: Aviatrix Egress Security & Policy Enforcement could have limited the malware's ability to exfiltrate sensitive data by enforcing strict access controls and monitoring outbound network traffic, thereby reducing the attacker's ability to transfer data to external infrastructure.
Aviatrix Zero Trust CNSF could have limited the overall impact of the attack by reducing the attacker's ability to escalate privileges, move laterally, establish command and control channels, and exfiltrate sensitive data, thereby reducing the overall impact.
Impact at a Glance
Affected Business Functions
- Software Development
- Continuous Integration/Continuous Deployment (CI/CD)
- Application Security
Estimated downtime: 7 days
Estimated loss: $500,000
Potential exposure of sensitive credentials, API keys, authentication tokens, and cryptocurrency wallets.
Recommended Actions
Key Takeaways & Next Steps
- • Implement Zero Trust Segmentation to restrict lateral movement and limit the spread of malware within the network.
- • Enforce Egress Security & Policy Enforcement to monitor and control outbound traffic, preventing unauthorized data exfiltration.
- • Utilize Multicloud Visibility & Control to detect and respond to anomalous activities across cloud environments.
- • Deploy Inline IPS (Suricata) to identify and block known exploit patterns and malicious payloads in real-time.
- • Establish Threat Detection & Anomaly Response mechanisms to promptly detect and mitigate suspicious behaviors indicative of compromise.
