CanisterWorm Malware Targets CI/CD Pipelines, Includes Iran Wiper

by Priyanka Patel

A sophisticated, self-propagating malware campaign is targeting the software supply chain, with a particularly concerning development: a wiper designed to specifically target systems located in Iran. The malware, dubbed CanisterWorm by researchers at Aikido, exploits vulnerabilities in Continuous Integration and Continuous Delivery (CI/CD) pipelines – the automated processes developers use to build, test, and deploy software – to spread rapidly. This latest incident underscores the growing threat to open-source software and the potential for malicious actors to inflict significant disruption.

The campaign began with a compromise of the vulnerability scanner Trivy, as reported by security researchers. This compromise stemmed from a previous breach at Aqua Security in February, where compromised credentials allowed attackers, identified as the group TeamPCP, to gain control of the GitHub account used to distribute Trivy. While Aqua Security attempted to address the issue by rotating credentials, the process was incomplete, leaving a window of opportunity for TeamPCP to inject malicious code. The incident highlights the challenges of securing the complex web of dependencies inherent in modern software development. CI/CD pipelines, while essential for speed and efficiency, can become prime targets for attackers seeking to distribute malware at scale.

How CanisterWorm Spreads

CanisterWorm operates by infecting npm packages – reusable components of code shared by developers. According to Charlie Eriksen, a researcher at Aikido, “Every developer or CI pipeline that installs this package and has an npm token accessible becomes an unwitting propagation vector.” If a developer’s system or CI/CD pipeline has access to an npm token, the malware can use that token to infect other packages, creating a cascading effect. Downstream users who install these infected packages then risk further spreading the malware if they, too, have accessible npm tokens. This creates a dangerous cycle of infection, making containment difficult.

The malware’s evolution took a troubling turn over the weekend with the addition of a wiper component, named Kamikaze, specifically targeting machines in Iran. Eriksen explained in an email that the updated worm checks the machine’s timezone or configuration to determine if it’s located in or configured for use in Iran. If either condition is met, Kamikaze activates, abandoning its initial function of stealing credentials and instead initiating a destructive wipe. While there’s currently no evidence of widespread damage in Iran, Eriksen warned of the “clear potential for large-scale impact if it achieves active spread.”

The Kamikaze wiper’s actions are particularly brutal, Eriksen noted, outlining its “decision tree”:

  • Kubernetes + Iran: Deploy a DaemonSet that wipes every node in the cluster
  • Kubernetes + elsewhere: Deploy a DaemonSet that installs the CanisterWorm backdoor on every node
  • No Kubernetes + Iran: rm -rf / --no-preserve-root
  • No Kubernetes + elsewhere: Exit. Nothing happens.

The rm -rf / --no-preserve-root command, used on Iran-located systems not running Kubernetes, is a particularly destructive instruction: it recursively deletes every file on the system, and the --no-preserve-root flag overrides the safeguard that normally makes rm refuse to operate on the root directory.
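The Kubernetes branches of the decision tree above rely on a DaemonSet, which schedules a pod onto every node. Wiping or backdooring each node from such a pod requires host-level capabilities, so one defensive check is to audit every DaemonSet in a cluster for those capabilities. The following audit is an added example, not code from Aikido or from the article; the article does not publish the Kamikaze DaemonSet spec, so the checks are generic (a hostPath mount of the node root, privileged or hostPID containers, an image from outside an allowlist), and the registry allowlist, the manifests and the names in them are constructed for illustration.

```python
"""Flag DaemonSets that could act on every node's host filesystem.

Added example. Input is the JSON a `kubectl get ds -A -o json` call returns;
the two manifests at the bottom are constructed, not real cluster objects.
"""
import json

# Assumption: registries your cluster is expected to pull DaemonSet images from.
TRUSTED_REGISTRIES = ("registry.k8s.io/", "quay.io/")


def host_root_volumes(pod_spec):
    """Names of volumes that expose the node's root filesystem via hostPath."""
    names = []
    for vol in pod_spec.get("volumes", []):
        hp = vol.get("hostPath")
        # A missing path is treated conservatively as the root.
        if hp is not None and hp.get("path", "/").rstrip("/") == "":
            names.append(vol["name"])
    return names


def audit_daemonset(ds):
    """Return findings for one DaemonSet object."""
    meta = ds["metadata"]
    pod = ds["spec"]["template"]["spec"]
    findings = []
    if pod.get("hostPID"):
        findings.append("hostPID enabled")
    roots = host_root_volumes(pod)
    rw_root = privileged = untrusted = False
    for c in pod.get("initContainers", []) + pod.get("containers", []):
        image = c.get("image", "")
        if not image.startswith(TRUSTED_REGISTRIES):
            untrusted = True
            findings.append(f"container {c['name']} uses image outside allowlist: {image}")
        if c.get("securityContext", {}).get("privileged"):
            privileged = True
            findings.append(f"container {c['name']} is privileged")
        for vm in c.get("volumeMounts", []):
            if vm["name"] in roots and not vm.get("readOnly", False):
                rw_root = True
                findings.append(
                    f"container {c['name']} mounts node root read-write at {vm['mountPath']}"
                )
    # Heuristic: either condition gives a pod on every node the ability to
    # modify or destroy the host, which a node-wide wiper or backdoor needs.
    high_risk = rw_root or (privileged and untrusted)
    return {
        "daemonset": f"{meta['namespace']}/{meta['name']}",
        "high_risk": high_risk,
        "findings": findings,
    }


def audit_cluster(ds_list):
    """Audit every DaemonSet in a Kubernetes List object."""
    return [audit_daemonset(ds) for ds in ds_list.get("items", [])]


# Constructed sample: a benign log agent and a suspicious privileged pod.
SAMPLE_LIST = {"items": [
    {"metadata": {"name": "log-agent", "namespace": "logging"},
     "spec": {"template": {"spec": {
         "volumes": [{"name": "varlog", "hostPath": {"path": "/var/log"}}],
         "containers": [{"name": "agent", "image": "quay.io/example/log-agent:1.0",
                         "volumeMounts": [{"name": "varlog", "mountPath": "/var/log",
                                           "readOnly": True}]}]}}}},
    {"metadata": {"name": "node-maint", "namespace": "kube-system"},
     "spec": {"template": {"spec": {
         "hostPID": True,
         "volumes": [{"name": "host", "hostPath": {"path": "/"}}],
         "containers": [{"name": "maint", "image": "docker.io/unknown/maint:latest",
                         "securityContext": {"privileged": True},
                         "volumeMounts": [{"name": "host", "mountPath": "/host"}]}]}}}},
]}

if __name__ == "__main__":
    for result in audit_cluster(SAMPLE_LIST):
        print(json.dumps(result))
```

In a real cluster, feed the script the output of `kubectl get daemonsets -A -o json` and treat a new high-risk DaemonSet as an incident trigger; an admission controller that rejects root hostPath mounts outside a known set of namespaces stops the pattern before it is scheduled.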

A Shift in Motivation?

TeamPCP has historically been motivated by financial gain, focusing on stealing credentials and selling access to compromised systems. The addition of the Iran-specific wiper is therefore unusual. “TeamPCP’s targeting of a country that the US is currently at war with is a curious choice,” Eriksen wrote. “With no clear connection to monetary profit, the wiper seems out of character for TeamPCP.” Aikido researchers are currently investigating the motive behind this shift, considering both ideological factors and the possibility that the attack is intended to draw attention to the group itself.

“While there may be an ideological component, it could just as easily be a deliberate attempt to draw attention to the group,” Eriksen stated. “Historically, TeamPCP has appeared to be financially motivated, but there are signs that visibility is becoming a goal in itself. By going after security tools and open-source projects, including Checkmarx as of today, they are sending a clear and deliberate signal.” The targeting of Checkmarx, a software security company, further suggests a deliberate attempt to undermine the security industry and gain notoriety.

The Ongoing Supply Chain Crisis

This incident is part of a broader trend of supply chain attacks targeting the open-source ecosystem. The compromise of Trivy followed the earlier breach at Aqua Security, demonstrating how vulnerabilities in one component can ripple through the entire software supply chain. The Record reported on the Trivy compromise, detailing the steps TeamPCP took to exploit the vulnerability.

Aqua Security has acknowledged the incomplete credential rotation and stated they are conducting a more thorough purge of compromised credentials. However, the incident serves as a stark reminder of the challenges in securing complex software supply chains and the need for robust security practices throughout the development lifecycle. Organizations relying on open-source components must prioritize vulnerability management, implement strong access controls, and regularly audit their dependencies.

The incident also raises questions about the security of npm tokens and the potential for attackers to exploit them. Developers and CI/CD pipeline administrators should review their security practices and ensure that npm tokens are stored securely and rotated regularly. npm documentation provides guidance on managing and securing npm tokens.
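The propagation condition quoted from Eriksen earlier (a package install on a machine with an npm token accessible) and the token-hygiene advice in this paragraph both come down to one question: can a process running npm install on this job reach a publish-capable token? The audit below is an added example, not code from Aikido, npm or the article. It scans the standard .npmrc forms for _authToken entries and the environment variables npm and common CI setups read a token from, and reports every reachable token, masked. The file contents and environment it runs on are constructed, as is the list of environment variable names, which is an assumption you should extend for your own CI.

```python
"""Audit a CI job's environment for accessible npm tokens.

Added example; the sample .npmrc contents and environment below are
constructed, and the token values are not real credentials.
"""
import re

# Standard .npmrc forms: scoped "//host/:_authToken=..." or bare "_authToken=...".
AUTH_TOKEN_RE = re.compile(r"^\s*(?://\S+?)?:?_authToken\s*=\s*(\S+)", re.IGNORECASE)
# Assumption: environment variables a token is commonly injected through.
ENV_TOKEN_NAMES = ("NPM_TOKEN", "NODE_AUTH_TOKEN", "NPM_CONFIG__AUTHTOKEN")
# "${NAME}" or "$NAME" inside .npmrc means npm expands an environment variable.
ENV_REF_RE = re.compile(r"^\$\{?(\w+)\}?$")


def mask(secret: str) -> str:
    """Keep only the last four characters so findings can be logged safely."""
    return "*" * max(len(secret) - 4, 0) + secret[-4:]


def find_npmrc_tokens(text: str):
    """Return one finding per _authToken line in an .npmrc file."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = AUTH_TOKEN_RE.match(line)
        if not m:
            continue
        value = m.group(1)
        ref = ENV_REF_RE.match(value)
        findings.append({
            "line": lineno,
            "kind": "env-reference" if ref else "literal",
            "source": ref.group(1) if ref else mask(value),
        })
    return findings


def audit(npmrc_files: dict, env: dict):
    """Combine .npmrc findings with tokens present in the environment.

    A literal token in a file, an .npmrc reference to a variable that is set,
    or a token variable set directly all mean the job is in the state the
    article describes: an install step can act as a propagation vector.
    """
    sources = []
    for path, text in npmrc_files.items():
        for f in find_npmrc_tokens(text):
            if f["kind"] == "literal":
                sources.append(f"{path}:{f['line']} literal token {f['source']}")
            elif f["source"] in env:
                sources.append(f"{path}:{f['line']} reads ${f['source']} (set)")
    for name in ENV_TOKEN_NAMES:
        if env.get(name):
            sources.append(f"env {name} = {mask(env[name])}")
    return {"token_accessible": bool(sources), "sources": sources}


# Constructed sample inputs: a user-level .npmrc with a literal token and a
# repository .npmrc that reads the token from the environment.
SAMPLE_NPMRC = {
    "/home/ci/.npmrc": "//registry.npmjs.org/:_authToken=npm_EXAMPLEabcd1234\n",
    "/work/repo/.npmrc": (
        "registry=https://registry.npmjs.org/\n"
        "//registry.npmjs.org/:_authToken=${NODE_AUTH_TOKEN}\n"
    ),
}
SAMPLE_ENV = {"CI": "true", "NODE_AUTH_TOKEN": "npm_EXAMPLEwxyz9876"}

if __name__ == "__main__":
    report = audit(SAMPLE_NPMRC, SAMPLE_ENV)
    for src in report["sources"]:
        print("token reachable:", src)
    print("install step is a propagation vector:", report["token_accessible"])
```

The useful follow-up is to make the audit come back empty on every job that only installs dependencies: a build that does not publish has no reason to hold a publish-capable token, and a token that exists only in the one job that publishes is also a far smaller set to rotate when a compromise like this one is reported.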

As of Monday, Aikido reported that the malicious canister had been taken down, but the underlying vulnerabilities remain. The incident underscores the need for continued vigilance and proactive security measures to protect the software supply chain from future attacks. The potential for further exploitation remains high, and organizations should remain alert for any signs of compromise.

The Cybersecurity and Infrastructure Security Agency (CISA) has not yet issued a specific advisory regarding this incident, but continues to provide guidance on securing the software supply chain. Organizations are encouraged to review CISA’s resources and implement recommended security practices. The next update from CISA regarding supply chain security is expected in early June.

What are your thoughts on the increasing threat to open-source software? Share your comments below, and please share this article with your network to raise awareness about this critical issue.
