Dissecting the NX Supply Chain Attack

Rohit Narayanan M

December 08, 2025
Transcript

  1. I am Rohit Narayanan M AKA Lu513n
    • Security Engineer @ Scapia
    • 4+ Years in Web security
    • CTF player @ team bi0s
  2. Nx build?
    • Widely-used, open-source build system with millions of weekly downloads
    • Controls how source code is tested, bundled, and prepared for deployment.
    • Operates in privileged environments (developer machines, CI/CD pipelines) with access to all source code, dependencies, and secrets like API keys and authentication tokens, making it a high-value target for credential theft.
  3. How?
    • Vulnerability in GitHub Action
    • Malicious NPM packages pushed
    • Malicious commit altering publish pipeline
    • More than 1200 repos made with exfiltrated secrets
    • Malicious pull request
    • GITHUB_TOKEN leaked
    • NPM token leaked
    • Dispatching publish pipeline
    • Private repos made public with already exfiltrated tokens
    • Stages: 1. Malicious PR -> GITHUB_TOKEN 2. Malicious commit -> NPM token 3. Exfiltrating secrets
  4. GitHub Action
    • Using pull_request_target dispatch
    • Checking out the base branch not the main
    • Using the pull_request.title directly in run
  5. Malicious PR (POC)
    • Dumping the whole memory and searching for the token
    • Token only valid for the action time - sleep will help keep the token active
  6. Malicious Commit
    • Allowed them to extract the NPM token to a remote URL
    • Use the extracted token to publish package to NPM
  7. NPM Package published
    • Malicious code was added to multiple npm packages
    • Code was packed into postinstall script, thereby executing upon installation
    • Used AI agents if present to extract secrets
  8. Further Measures by nx
    • Migration to Trusted Publishers: long-lived NPM tokens -> Trusted Publishers (uses OIDC authentication).
    • Enforced CI/CD and 2FA: All CI pipelines require manual two-factor authentication.
    • Enhanced Contributor Vetting: Pipeline runs disabled for all external contributors, manual approval required.
  9. What can we do?
    • SBOM: Instantly identify compromised packages.
    • Code Signing: Verify the authenticity and integrity of packages and code.
    • Short-Lived & Scoped Tokens: Use temporary, narrowly-permissioned tokens to limit an attacker's access and impact.
    • Egress Traffic Visibility: Flag unauthorized data exfiltration to attacker servers.
    • SLSA: Secure the end-to-end software supply chain.
    • EDR/XDR: Detect malicious runtime activity on endpoints.
    • Using NPM's Trusted Publishers using OIDC authentication
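
The workflow pattern on slide 4 (a pull_request_target trigger with the PR title expanded directly in run) can be audited for in a repository's own workflow files. The Python check below is an added example, not code from the deck or from nx; the function name `audit_workflow`, the list of untrusted fields and both sample workflows are assumptions constructed for illustration.

```python
import re

# Pull-request fields an outside contributor controls (assumed list for this example).
UNTRUSTED = re.compile(
    r"\$\{\{\s*github\.(?:event\.pull_request\.(?:title|body|head\.ref)|head_ref)\s*\}\}")
RUN_KEY = re.compile(r"^(\s*(?:-\s+)?)run:")

def audit_workflow(text):
    """Return (line_no, severity, expression) for untrusted input expanded in run: steps."""
    lines = text.splitlines()
    # pull_request_target runs with the base repo's token and secrets, so raise severity.
    privileged = any("pull_request_target" in l.split("#")[0] for l in lines)
    findings, run_col = [], None
    for no, line in enumerate(lines, 1):
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        if run_col is not None and indent <= run_col:
            run_col = None                      # dedent: the run: block has ended
        key = RUN_KEY.match(line)
        if key and run_col is None:
            run_col = len(key.group(1))         # column of the run: key itself
        if run_col is not None:
            for expr in UNTRUSTED.findall(line):
                findings.append((no, "high" if privileged else "medium", expr))
    return findings

# Constructed sample: the expression is pasted into the script text before the shell runs.
VULNERABLE = """\
on: pull_request_target
jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - run: echo "Checking ${{ github.event.pull_request.title }}"
"""
# Constructed sample: the title reaches the shell only as an environment variable.
HARDENED = """\
on: pull_request_target
jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - env:
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: echo "Checking $PR_TITLE"
"""
if __name__ == "__main__":
    print(audit_workflow(VULNERABLE), audit_workflow(HARDENED))
```

The check is line-based and does not parse YAML, so it assumes conventionally indented workflow files.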