Over 140 packages across Mastra scopes on the npm registry were affected in what Microsoft described as a “large-scale npm supply chain attack,” and the company says the operation was the work of a North Korean state actor it tracks as Sapphire Sleet.
Microsoft attributes the operation to Sapphire Sleet
On June 19, the Microsoft Defender Security Research Team and Microsoft Threat Intelligence assessed with “high confidence” that the Mastra campaign is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. Microsoft reported that the infrastructure and the post-compromise tactics, techniques and procedures (TTPs) it observed in the Mastra campaign were consistent with previously documented Sapphire Sleet activity. Microsoft noted that Sapphire Sleet is the name it has designated the group; other trackers have called the same actor APT38, BlueNoroff, Stardust Chollima and TA444.
How the Mastra supply chain was poisoned
Microsoft said the source of the compromise was the takeover of an npm maintainer account. The account’s publishing rights were used to push poisoned releases of Mastra packages that pulled in a malicious dependency named easy-day-js. By compromising a maintainer with publishing rights, the attacker was able to introduce malicious code into packages used by downstream developers.
What the malicious package did: TLS bypass, C2 contact, cross‑platform payloads and crypto theft
According to Microsoft, the poisoned Mastra instance disabled Transport Layer Security (TLS) certificate verification and contacted an attacker-controlled command-and-control (C2) server. That C2 server then delivered a malware payload that could be deployed on Windows, macOS and Linux systems.
Microsoft said the malware had two primary aims. First, consistent with other North Korean campaigns that target cryptocurrency, the malware searched for the existence of 166 cryptocurrency wallet browser-extension IDs — including MetaMask, Phantom, Coinbase Wallet, Binance Wallet and TronLink — with the intent to steal from them. Second, the malware performed reconnaissance on infected machines. Microsoft reported it could gather browser history and enumerate the hostname, architecture, platform, user ID, installed applications and running processes.
Microsoft’s immediate mitigation guidance for developers and CI/CD environments
- Review dependency trees for direct or transitive usage of affected @mastra packages at the compromised versions Microsoft identified.
- Check for the presence of easy-day-js in node_modules/ or package-lock.json files across your projects and CI/CD environments.
- Pin known-good package versions where possible. For mastra, Microsoft says version 1.13.0 and earlier are unaffected. For @mastra/core, version 1.42.0 and earlier are unaffected.
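The three checks above can be run mechanically against a lockfile. The following Node script is an added example written for this page; it is not Microsoft's or Mastra's code. It flattens a package-lock.json (either the nested lockfileVersion 1 layout or the flat "packages" map of versions 2 and 3), reports every occurrence of easy-day-js, and flags any mastra or @mastra/core entry newer than the last versions Microsoft called unaffected. Those entries are marked for review rather than declared compromised, because the list of affected versions is Microsoft's and is not reproduced here; the SAMPLE_LOCK object is a constructed lockfile, not one taken from a real project.

```javascript
// Added example (not Microsoft's or Mastra's code): audit a parsed package-lock.json
// for the indicators Microsoft published for the Mastra campaign.
//   1. any occurrence of the malicious dependency easy-day-js, direct or transitive
//   2. any mastra / @mastra/core entry newer than the last version Microsoft called
//      unaffected (mastra <= 1.13.0, @mastra/core <= 1.42.0), flagged for review

const MALICIOUS_DEP = 'easy-day-js';

// Last versions Microsoft stated were unaffected. Other @mastra/* packages have no
// cut-off on the page, so they are only reported as present.
const LAST_KNOWN_GOOD = {
  'mastra': '1.13.0',
  '@mastra/core': '1.42.0',
};

// Numeric dotted-version compare (1.2.10 > 1.2.9). Pre-release suffixes are dropped;
// a production audit would use the semver package, avoided here to keep the script
// dependency-free.
function compareVersions(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('-')[0].split('.').map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const x = pa[i] || 0, y = pb[i] || 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// Package name from a v2/v3 lockfile path, e.g.
// "node_modules/@mastra/core/node_modules/easy-day-js" -> "easy-day-js".
function nameFromPath(p) {
  const parts = p.split('node_modules/');
  return parts[parts.length - 1];
}

// Flatten either lockfile layout into [{ name, version, path }] records so the same
// checks apply to both.
function flattenLock(lock) {
  const out = [];
  if (lock.packages) {
    for (const [p, meta] of Object.entries(lock.packages)) {
      if (p === '') continue; // root project entry, not a dependency
      out.push({ name: nameFromPath(p), version: meta.version, path: p });
    }
  } else if (lock.dependencies) {
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const p = `${prefix}node_modules/${name}`;
        out.push({ name, version: meta.version, path: p });
        if (meta.dependencies) walk(meta.dependencies, p + '/');
      }
    };
    walk(lock.dependencies, '');
  }
  return out;
}

function auditLockfile(lock) {
  const findings = { malicious: [], review: [], mastraPresent: [] };
  for (const rec of flattenLock(lock)) {
    if (rec.name === MALICIOUS_DEP) findings.malicious.push(rec);
    const isMastra = rec.name === 'mastra' || rec.name.startsWith('@mastra/');
    if (!isMastra) continue;
    findings.mastraPresent.push(rec);
    const good = LAST_KNOWN_GOOD[rec.name];
    if (good && compareVersions(rec.version, good) > 0) findings.review.push(rec);
  }
  return findings;
}

// Constructed sample (lockfileVersion 3 layout), not a real project's lockfile. The
// malicious dependency appears only transitively, nested under @mastra/core, which
// is the case a naive top-level check would miss.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '0.0.1' },
    'node_modules/mastra': { version: '1.13.0' },
    'node_modules/@mastra/core': { version: '1.43.0' },
    'node_modules/@mastra/core/node_modules/easy-day-js': { version: '1.0.0' },
    'node_modules/left-pad': { version: '1.3.0' },
  },
};

const sampleResult = auditLockfile(SAMPLE_LOCK);
for (const r of sampleResult.malicious) console.log(`MALICIOUS ${r.path}@${r.version}`);
for (const r of sampleResult.review) {
  console.log(`REVIEW    ${r.path}@${r.version} (newer than last known-good ${LAST_KNOWN_GOOD[r.name]})`);
}
if (!sampleResult.malicious.length && !sampleResult.review.length) console.log('no indicators found');
```

To run it against a real project, replace SAMPLE_LOCK with `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` and run it over every lockfile in the CI/CD checkout, not just the application root: workspaces and vendored tools carry their own lockfiles. An empty result means only that the lockfile shows no indicator; node_modules/ on build agents should still be searched for an easy-day-js directory, since a cached install may not match the committed lockfile.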
What this means for developers, enterprises, and end users
- Developers and open-source maintainers: The maintainer-account compromise Microsoft described shows how a single account with publishing privileges can be weaponized to reach large numbers of downstream projects. The company’s specific checks (searching package-lock.json and node_modules/ for easy-day-js, and pinning to known-good versions) are immediate, actionable steps.
- Enterprises and CI/CD teams: Because the poisoned packages targeted npm and can propagate transitively, CI/CD pipelines and centralized dependency inventories should be scanned for the listed dependency and for the affected @mastra versions. Pinning and dependency-tree reviews are the measures Microsoft highlighted.
- End users and cryptocurrency holders: The malware’s behavior — scanning for 166 wallet extension IDs and collecting browser history and system details — means users of browser-based wallets named by Microsoft (MetaMask, Phantom, Coinbase Wallet, Binance Wallet, TronLink and others) should be alert to potential theft stemming from developer-supply-chain compromises.
Microsoft did not describe how the npm maintainer’s privileged account was taken over, but the company noted Sapphire Sleet’s history of social engineering attacks that have harnessed LinkedIn against victims in the financial, blockchain and cryptocurrency sectors. That point ties the Mastra campaign to a pattern Microsoft says it has observed before: compromise of developer-facing tooling to reach financial and crypto assets downstream.
The concrete steps Microsoft published — search for easy-day-js, audit dependency trees, and pin to the unaffected mastra and @mastra/core versions — convert the attribution into immediate defensive work for teams that consume these packages. Whether those mitigations will be sufficient to remove all downstream risk depends on how broadly the poisoned packages were incorporated and whether additional maintainer accounts were abused.
Source: Infosecurity Magazine — Microsoft Attributes Mastra AI Supply Chain Attack to North Korea