npm scope/account-takeover supply chain attack against the @mastra (Mastra AI agent framework) ecosystem. On 2026-06-17 (UTC) the attacker republished 143 first-party @mastra packages (including @mastra/core, mastra, create-mastra) in a ~84-minute burst (01:12-02:36). The publisher account `ehindero` was a stale former Mastra contributor whose scope access was never revoked (~16 months dormant) and whose email had been changed to a tutamail address. Library code was left byte-identical; each malicious release added exactly one dependency, easy-day-js (a dayjs clone), whose postinstall hook drops and runs a multi-platform cryptocurrency-stealing RAT. Malicious versions were published from a personal token with dist.attestations=null, breaking the OIDC/SLSA provenance baseline of legitimate releases. Tradecraft overlaps the Sapphire Sleet / BlueNoroff cluster (SafeDep assessment, unconfirmed).
Objective
Compromise developer and CI machines via a trusted AI-agent-framework scope to steal cryptocurrency wallets and browser/credential data through a persistent multi-platform RAT.
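A defender-side check for the three release anomalies named in the summary above (provenance drop, publisher change, one newly added dependency), as an added example that is not part of the original record. It assumes the npm registry metadata fields `dist.attestations`, `_npmUser.name`, `dependencies` and `time`; the sample document, its version numbers, the `example-dep` dependency and the `release-bot` publisher are constructed.

```javascript
// Constructed sample: a trimmed npm packument (registry metadata document).
// Version numbers, timestamps, "example-dep" and "release-bot" are made up.
const samplePackument = {
  name: "@mastra/core",
  time: {
    "9.9.1": "2026-06-10T15:00:00.000Z",
    "9.9.2": "2026-06-17T01:12:00.000Z",
  },
  versions: {
    "9.9.1": {
      _npmUser: { name: "release-bot" },
      dependencies: { "example-dep": "^3.0.0" },
      dist: { attestations: { provenance: { predicateType: "https://slsa.dev/provenance/v1" } } },
    },
    "9.9.2": {
      _npmUser: { name: "ehindero" },
      dependencies: { "example-dep": "^3.0.0", "easy-day-js": "^1.0.0" },
      dist: { attestations: null },
    },
  },
};

// Compare each release with the one published before it and report drift.
function auditPackument(doc) {
  const order = Object.keys(doc.versions)
    .sort((a, b) => Date.parse(doc.time[a]) - Date.parse(doc.time[b]));
  const findings = [];
  for (let i = 1; i < order.length; i++) {
    const prev = doc.versions[order[i - 1]];
    const cur = doc.versions[order[i]];
    const reasons = [];
    // Provenance drop: the previous release was attested, this one is not.
    if (prev.dist?.attestations && !cur.dist?.attestations) reasons.push("provenance-dropped");
    // Publisher change between consecutive releases.
    const prevUser = prev._npmUser?.name, curUser = cur._npmUser?.name;
    if (prevUser && curUser && prevUser !== curUser) reasons.push(`publisher:${prevUser}->${curUser}`);
    // Runtime dependencies that did not exist in the previous release.
    const before = new Set(Object.keys(prev.dependencies ?? {}));
    for (const dep of Object.keys(cur.dependencies ?? {})) {
      if (!before.has(dep)) reasons.push(`new-dependency:${dep}`);
    }
    if (reasons.length) findings.push({ version: order[i], reasons });
  }
  return findings;
}

console.log(JSON.stringify(auditPackument(samplePackument), null, 2));
```

Any one of the three reasons alone is weak evidence; all three on the same release is the pattern this record describes.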
Packages
- npm @mastra/core (attributed-to)
- npm easy-day-js (attributed-to)
- npm @mastra/acp (attributed-to)
- npm @mastra/agent-browser (attributed-to)
- npm @mastra/agent-builder (attributed-to)
- npm @mastra/agentcore (attributed-to)
- npm @mastra/agentfs (attributed-to)
- npm @mastra/ai-sdk (attributed-to)
- npm @mastra/arize (attributed-to)
- npm @mastra/arthur (attributed-to)
- npm @mastra/astra (attributed-to)
- npm @mastra/auth (attributed-to)
- npm @mastra/auth-auth0 (attributed-to)
- npm @mastra/auth-better-auth (attributed-to)
- npm @mastra/auth-clerk (attributed-to)
- npm @mastra/auth-cloud (attributed-to)
- npm @mastra/auth-firebase (attributed-to)
- npm @mastra/auth-okta (attributed-to)
- npm @mastra/auth-studio (attributed-to)
- npm @mastra/auth-supabase (attributed-to)
- npm @mastra/auth-workos (attributed-to)
- npm @mastra/azure (attributed-to)
- npm @mastra/blaxel (attributed-to)
- npm @mastra/braintrust (attributed-to)
- npm @mastra/brightdata (attributed-to)
- npm @mastra/browser-firecrawl (attributed-to)
- npm @mastra/browser-viewer (attributed-to)
- npm @mastra/chroma (attributed-to)
- npm @mastra/clickhouse (attributed-to)
- npm @mastra/claude (attributed-to)
- npm @mastra/client-js (attributed-to)
- npm @mastra/cloud (attributed-to)
- npm @mastra/cloudflare (attributed-to)
- npm @mastra/cloudflare-d1 (attributed-to)
- npm @mastra/codemod (attributed-to)
- npm @mastra/convex (attributed-to)
- npm @mastra/couchbase (attributed-to)
- npm @mastra/cursor (attributed-to)
- npm @mastra/dane (attributed-to)
- npm @mastra/datadog (attributed-to)
- npm @mastra/daytona (attributed-to)
- npm @mastra/deployer (attributed-to)
- npm @mastra/deployer-cloud (attributed-to)
- npm @mastra/deployer-cloudflare (attributed-to)
- npm @mastra/deployer-netlify (attributed-to)
- npm @mastra/deployer-vercel (attributed-to)
- npm @mastra/docker (attributed-to)
- npm @mastra/dsql (attributed-to)
- npm @mastra/duckdb (attributed-to)
- npm @mastra/dynamodb (attributed-to)
- npm @mastra/e2b (attributed-to)
- npm @mastra/editor (attributed-to)
- npm @mastra/elasticsearch (attributed-to)
- npm @mastra/engine (attributed-to)
- npm @mastra/evals (attributed-to)
- npm @mastra/express (attributed-to)
- npm @mastra/fastembed (attributed-to)
- npm @mastra/fastify (attributed-to)
- npm @mastra/files-sdk (attributed-to)
- npm @mastra/gcs (attributed-to)
- npm @mastra/github-signals (attributed-to)
- npm @mastra/google-cloud-pubsub (attributed-to)
- npm @mastra/google-drive (attributed-to)
- npm @mastra/hono (attributed-to)
- npm @mastra/inngest (attributed-to)
- npm @mastra/koa (attributed-to)
- npm @mastra/laminar (attributed-to)
- npm @mastra/lance (attributed-to)
- npm @mastra/langfuse (attributed-to)
- npm @mastra/langsmith (attributed-to)
- npm @mastra/libsql (attributed-to)
- npm @mastra/loggers (attributed-to)
- npm @mastra/longmemeval (attributed-to)
- npm @mastra/mcp (attributed-to)
- npm @mastra/mcp-docs-server (attributed-to)
- npm @mastra/mcp-registry-registry (attributed-to)
- npm @mastra/mem0 (attributed-to)
- npm @mastra/memory (attributed-to)
- npm @mastra/modal (attributed-to)
- npm @mastra/mongodb (attributed-to)
- npm @mastra/mssql (attributed-to)
- npm @mastra/mysql (attributed-to)
- npm @mastra/nestjs (attributed-to)
- npm @mastra/node-audio (attributed-to)
- npm @mastra/observability (attributed-to)
- npm @mastra/openai (attributed-to)
- npm @mastra/opencode (attributed-to)
- npm @mastra/opensearch (attributed-to)
- npm @mastra/otel-bridge (attributed-to)
- npm @mastra/otel-exporter (attributed-to)
- npm @mastra/perplexity (attributed-to)
- npm @mastra/pg (attributed-to)
- npm @mastra/pinecone (attributed-to)
- npm @mastra/playground-ui (attributed-to)
- npm @mastra/posthog (attributed-to)
- npm @mastra/qdrant (attributed-to)
- npm @mastra/rag (attributed-to)
- npm @mastra/railway (attributed-to)
- npm @mastra/react (attributed-to)
- npm @mastra/redis (attributed-to)
- npm @mastra/redis-streams (attributed-to)
- npm @mastra/s3 (attributed-to)
- npm @mastra/schema-compat (attributed-to)
- npm @mastra/sentry (attributed-to)
- npm @mastra/server (attributed-to)
- npm @mastra/slack (attributed-to)
- npm @mastra/spanner (attributed-to)
- npm @mastra/speech-azure (attributed-to)
- npm @mastra/speech-elevenlabs (attributed-to)
- npm @mastra/speech-google (attributed-to)
- npm @mastra/speech-ibm (attributed-to)
- npm @mastra/speech-murf (attributed-to)
- npm @mastra/speech-openai (attributed-to)
- npm @mastra/speech-replicate (attributed-to)
- npm @mastra/speech-speechify (attributed-to)
- npm @mastra/stagehand (attributed-to)
- npm @mastra/tavily (attributed-to)
- npm @mastra/temporal (attributed-to)
- npm @mastra/turbopuffer (attributed-to)
- npm @mastra/twilio (attributed-to)
- npm @mastra/upstash (attributed-to)
- npm @mastra/vectorize (attributed-to)
- npm @mastra/vercel (attributed-to)
- npm @mastra/voice-aws-nova-sonic (attributed-to)
- npm @mastra/voice-azure (attributed-to)
- npm @mastra/voice-cloudflare (attributed-to)
- npm @mastra/voice-deepgram (attributed-to)
- npm @mastra/voice-elevenlabs (attributed-to)
- npm @mastra/voice-gladia (attributed-to)
- npm @mastra/voice-google (attributed-to)
- npm @mastra/voice-google-gemini-live (attributed-to)
- npm @mastra/voice-inworld (attributed-to)
- npm @mastra/voice-modelslab (attributed-to)
- npm @mastra/voice-murf (attributed-to)
- npm @mastra/voice-openai (attributed-to)
- npm @mastra/voice-openai-realtime (attributed-to)
- npm @mastra/voice-playai (attributed-to)
- npm @mastra/voice-sarvam (attributed-to)
- npm @mastra/voice-speechify (attributed-to)
- npm @mastra/voice-xai-realtime (attributed-to)
- npm create-mastra (attributed-to)
- npm mastra (attributed-to)
- npm @mastra/node-speaker (attributed-to)
- npm @mastra/s3vectors (attributed-to)
Indicators
- email [email protected] (indicates)
- email [email protected] (indicates)
- file_path setup.cjs (indicates)
- file_path .pkg_history (indicates)
- file_path .pkg_logs (indicates)
- file_path ~/Library/LaunchAgents/com.nvm.protocal.plist (indicates)
- file_path ~/Library/NodePackages/protocal.cjs (indicates)
- file_path ~/.config/systemd/user/nvmconf.service (indicates)
- file_path ~/.config/NodePackages/config.json (indicates)
- file_path C:\ProgramData\NodePackages (indicates)
- email [email protected] (indicates)
Techniques
- ttp T1195.002 Compromise Software Supply Chain (uses)
- ttp T1078 Valid Accounts (uses)
- ttp T1059.007 Command and Scripting Interpreter: JavaScript (uses)
- ttp T1140 Deobfuscate/Decode Files or Information (uses)
- ttp T1071.001 Application Layer Protocol: Web Protocols (uses)
- ttp T1105 Ingress Tool Transfer (uses)
- ttp T1547 Boot or Logon Autostart Execution (uses)
- ttp T1555 Credentials from Password Stores (uses)
- ttp T1070.004 File Deletion (uses)
- ttp T1657 Financial Theft (uses)
- ttp T1562.001 Impair Defenses: Disable or Modify Tools (uses)
- ttp T1036 Masquerading (uses)
- ttp T1027 Obfuscated Files or Information (uses)
- ttp Provenance Attestation Drop (uses)
- ttp Detached Process Second-Stage Execution (uses)
