Supply chain compromise of AsyncAPI npm packages (2026-07-14) that delivered a staged, IPFS-hosted, multi-channel-C2 credential-stealing Trojan framework. Initial access: on 2026-07-14 an attacker opened 37 pull requests to asyncapi/generator; 36 were decoys adding a fake charity donation page, one exploited a misconfigured GitHub Actions workflow (.github/workflows/manual-netlify-preview.yml — a pull_request_target 'pwn request' that checked out PR code instead of the base branch) to steal the org-wide Personal Access Token of the asyncapi-bot service account (PR #2155 at 05:08 UTC; malicious run completed 05:16 UTC before automated review flagged the obfuscation and blocked merge). The stolen PAT was used to push a malicious commit (3eab3ec9304aa26081358330491d3cfeb55cc245, 'fix: test release workflow on next') to the next branch of asyncapi/generator at 06:58 UTC, triggering the release workflow to publish 3 compromised npm packages at 07:10 UTC; the attacker then pushed 11 commits to asyncapi/spec-json-schemas (07:51-08:28 UTC) publishing 2 more versions of @asyncapi/specs. The vulnerability class was known: PoC in asyncapi/generator PR #2078 (Apr 29) and a proposed fix in PR #2092 (May 17) that was still unmerged 58 days later. Payload self-identifies as campaign 'miasma-train-p1' (SafeDep first-party) and as 'M-RED-TEAM v6.4' in code comments (Wiz). ATTRIBUTION IS UNRESOLVED and BOTH sources decline it: the javascript-obfuscator custom-base64 config, giteaPackagesOrg='miasma-test-org', persistence service 'miasma-monitor.service', and miasma-branded Nostr tags echo the Miasma framework, WHILE the rentry.co dead-drop slug 'elzotebo' matches the separate 'prt-scan' campaign (which Wiz states is NOT linked to Miasma). The payload is a ground-up rewrite (vanilla Node.js not Bun; secp256k1 + AES-256-GCM + HKDF; ChannelOrchestrator C2 over HTTP/Nostr/Ethereum/IPFS/BitTorrent-DHT/libp2p) with minimal resemblance to prior Miasma and Shai-Hulud worm payloads. Treat any link to Miasma: The Spreading Blight as LOW CONFIDENCE (shared brand strings + obfuscation config only). Combined ~2.9M weekly downloads across the compromised packages; payload executes on import/require, not on install.
Objective
Credential harvesting (browser passwords/cookies, SSH keys, npm/GitHub/AWS tokens, macOS Keychain, crypto wallets) and modular RAT command-and-control, with dormant worm-propagation capability.
Related campaigns
Packages
Indicators
- ipv4 85.137.53.71communicates-with
- wallet 0x12c37A86a0Ed0beBe5d1d6a43E42f07860eAc710communicates-with
- wallet 0x1969ab05d67b67fdcaa26240f738ccb077e1cd84communicates-with
- wallet 0x92d4C5413e4F7B258a114964101F9e1C6d64C6Baindicates
- domain relay.damus.iocommunicates-with
- domain relay.nostr.comcommunicates-with
- domain ipfs.iocommunicates-with
- url ipfs://QmQobZSp1wRPrpSEQ56qnyq7ecZh5Bg5k1fnjt4SUwwHb9communicates-with
- url ipfs://Qmet4fhsAaWMBUxNDfREHwgiyDeSWy4YSYs9wiKUW5jGyfcommunicates-with
- domain rentry.coexfiltrates-to
- sha1 c8cb3f6d5b90c46686d2bf531dc1a5786e27edc5indicates
- github_repo asyncapi/generatorindicates
- github_repo asyncapi/spec-json-schemasindicates
- sha1 22bf76fe317ea6769bd38619bd440e42d119bd6bindicates
- sha1 a7e18d96efd3cdb127ef4cdcad9e3ad26c482bf2indicates
- sha1 9890950adcbc2478e7a080234f053214adbad44eindicates
- sha256 62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0indicates
- sha256 a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901aindicates
- sha1 c70e105e212ff3c1daa04bb2a62507717f296b0bindicates
Techniques
- ttp CI/CD pull_request_target Pwn Requestuses
- ttp Decoy Pull Request Flooduses
- ttp T1078 Valid Accountsuses
- ttp T1195.002 Compromise Software Supply Chainuses
- ttp Whitespace Padding Concealmentuses
- ttp T1027 Obfuscated Files or Informationuses
- ttp T1105 Ingress Tool Transferuses
- ttp T1543.002 Systemd Serviceuses
- ttp T1555 Credentials from Password Storesuses
- ttp T1552.001 Unsecured Credentials: Credentials In Filesuses
- ttp Resilient Multi-Channel C2uses
- ttp T1041 Exfiltration Over C2 Channeluses
- ttp T1567 Exfiltration Over Web Serviceuses
- ttp T1195.001 Compromise Software Dependencies and Development Toolsuses
- ttp T1059.007 Command and Scripting Interpreter: JavaScriptuses
- ttp T1528 Steal Application Access Tokenuses
- ttp T1071.001 Application Layer Protocol: Web Protocolsuses
- ttp T1102 Web Serviceuses
- ttp T1546 Event Triggered Executionuses
- ttp T1021 Remote Servicesuses
- ttp T1098 Account Manipulationuses