miasma-train-p1

discovered 2026-07-14

Supply chain compromise of AsyncAPI npm packages (2026-07-14) that delivered a staged, IPFS-hosted, multi-channel-C2 credential-stealing Trojan framework. Initial access: on 2026-07-14 an attacker opened 37 pull requests to asyncapi/generator; 36 were decoys adding a fake charity donation page, one exploited a misconfigured GitHub Actions workflow (.github/workflows/manual-netlify-preview.yml — a pull_request_target 'pwn request' that checked out PR code instead of the base branch) to steal the org-wide Personal Access Token of the asyncapi-bot service account (PR #2155 at 05:08 UTC; malicious run completed 05:16 UTC before automated review flagged the obfuscation and blocked merge). The stolen PAT was used to push a malicious commit (3eab3ec9304aa26081358330491d3cfeb55cc245, 'fix: test release workflow on next') to the next branch of asyncapi/generator at 06:58 UTC, triggering the release workflow to publish 3 compromised npm packages at 07:10 UTC; the attacker then pushed 11 commits to asyncapi/spec-json-schemas (07:51-08:28 UTC) publishing 2 more versions of @asyncapi/specs. The vulnerability class was known: PoC in asyncapi/generator PR #2078 (Apr 29) and a proposed fix in PR #2092 (May 17) that was still unmerged 58 days later. Payload self-identifies as campaign 'miasma-train-p1' (SafeDep first-party) and as 'M-RED-TEAM v6.4' in code comments (Wiz). ATTRIBUTION IS UNRESOLVED and BOTH sources decline it: the javascript-obfuscator custom-base64 config, giteaPackagesOrg='miasma-test-org', persistence service 'miasma-monitor.service', and miasma-branded Nostr tags echo the Miasma framework, WHILE the rentry.co dead-drop slug 'elzotebo' matches the separate 'prt-scan' campaign (which Wiz states is NOT linked to Miasma). The payload is a ground-up rewrite (vanilla Node.js not Bun; secp256k1 + AES-256-GCM + HKDF; ChannelOrchestrator C2 over HTTP/Nostr/Ethereum/IPFS/BitTorrent-DHT/libp2p) with minimal resemblance to prior Miasma and Shai-Hulud worm payloads. Treat any link to Miasma: The Spreading Blight as LOW CONFIDENCE (shared brand strings + obfuscation config only). Combined ~2.9M weekly downloads across the compromised packages; payload executes on import/require, not on install.

Objective

Credential harvesting (browser passwords/cookies, SSH keys, npm/GitHub/AWS tokens, macOS Keychain, crypto wallets) and modular RAT command-and-control, with dormant worm-propagation capability.

Related campaigns

Packages

Indicators

Techniques

Read the full analysis →