Microsoft Traces Mastra AI Supply Chain Attack to North Korean Hackers

Post Views: 5

Microsoft has linked a recent supply chain attack targeting the Mastra AI ecosystem to a North Korean state-sponsored hacking group.

Overview of the Attack

Microsoft has linked a recent supply chain attack targeting the Mastra AI ecosystem to a North Korean state-sponsored hacking group. The incident involved the compromise of over 140 npm packages, with attackers leveraging a hijacked maintainer account to distribute malicious updates. The cybercriminals are identified as Sapphire Sleet, a threat actor associated with North Korea that primarily focuses on financial sector targets.

Compromised Packages and Malicious Dependency

The attack began when adversaries gained control of the npm maintainer account “ehindero,” which held publishing rights within the Mastra package environment. Using this access, the attackers introduced malicious updates to more than 140 packages under the @mastra scope. These updates included a deceptive dependency named “easy-day-js,” which mimicked the legitimate dayjs JavaScript library.

Malware Dropper and Data Extraction

When developers installed the compromised packages, the malicious dependency triggered a post-installation script that deployed a malware dropper. This dropper aimed to extract sensitive data, including credentials, API keys, authentication tokens, and cryptocurrency wallet information. The malicious payload executed an obfuscated script that disabled TLS certificate validation, enabling communication with attacker-controlled command-and-control (C2) servers.

System-Level Data Collection and Persistence

The malware also gathered system-level data, such as browser histories, installed applications, and active processes. It specifically scanned for 166 cryptocurrency wallet extensions, including MetaMask, Phantom, and Binance Wallet. On affected systems, the malware implemented operating system-specific persistence mechanisms, such as Windows Registry Run keys, macOS LaunchAgents, and Linux systemd services.

Follow-On Activities and Backdoor Deployment

Microsoft noted that systems interacting with the C2 infrastructure exhibited follow-on activities consistent with Sapphire Sleet’s tactics. These included the deployment of a PowerShell backdoor previously linked to the group, additional persistence techniques, Microsoft Defender exclusions, and a malicious Windows service granting SYSTEM-level privileges. The backdoor, infrastructure, and operational methods align with prior campaigns attributed to the threat actor.

Previous Attack and Security Implications

Sapphire Sleet is also connected to a separate npm supply chain attack targeting the Axios HTTP client in April 2026. The group’s activities highlight the growing threat of supply chain compromises, particularly in open-source ecosystems. Security teams are urged to implement rigorous verification processes for dependencies and monitor for anomalous network behavior. The attack underscores the need for continuous vigilance in securing software development pipelines, as adversaries increasingly exploit trusted platforms to infiltrate targeted organizations.

Microsoft noted that systems interacting with the C2 infrastructure exhibited follow-on activities consistent with Sapphire Sleet’s tactics.

Security teams are urged to implement rigorous verification processes for dependencies and monitor for anomalous network behavior.