Supply chain attack: a malicious PR in an Astro project
A recent supply chain attack involving a malicious pull request (PR) has highlighted serious weaknesses in the software development lifecycle, especially in open-source projects. The incident targeted the repository Egonex-AI/Understand-Anything, where the payload was carefully embedded in astro.config.mjs.
This file is particularly important in the Astro framework because it is executed as a Node.js module for every build and development operation. As a result, the malicious code could run automatically, without any user interaction.
How the attack was disguised
The malicious PR was masked with an innocuous title and description and contained fabricated technical changes designed to hide the true nature of the modifications. At first glance, the commit appeared legitimate, which made the attack harder to detect during code review.
According to the report, the payload initiated communication with one of three hardcoded command-and-control servers (C2). After establishing the initial connection, it used a campaign marker for exfiltration and applied advanced techniques to load a bot client.
Second-stage command relay via blockchain
One of the most notable elements of the attack was the use of a second-stage command relay through public blockchain infrastructure. This approach makes mitigation significantly more difficult, since defenders cannot simply block the IP addresses associated with the C2 servers.
The attack also involved obfuscation of the command flow, allowing the adversary to effectively restore the require function in an ES-module context without drawing immediate attention during code inspection. This was achieved by adding invisible import statements to the code.
In the second stage, the malware coordinated with blockchain systems to retrieve transaction data, which was then decoded and used to execute further malicious commands.
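As an added example (not code from the report or from the Astro project), a small pre-merge scanner for astro.config.mjs that flags the patterns this section describes: hidden Unicode code points that could carry an invisible statement, restoration of `require` inside an ES module, and network or process calls that a build config has no reason to make. The page gives no concrete strings from the payload, so the indicators are assumptions about how such code typically looks, and the sample config is constructed.

```javascript
// Added example, not the report's or Astro's code: a pre-merge check for
// astro.config.mjs. The indicator patterns are assumptions; the page does
// not quote the real payload.

// Zero-width and bidirectional-control characters render as nothing in most
// diff viewers, so a statement hidden among them passes visual review.
const INVISIBLE = /[\u200B-\u200F\u2028\u2029\u202A-\u202E\u2060-\u2064\uFEFF]/g;

// Rebuilding CommonJS `require` in an ES module (Node's createRequire API)
// has legitimate uses, but is unusual in a build config and deserves review.
const REQUIRE_RESTORE = /createRequire\s*\(|import\.meta\.url/;

// Outbound network and process primitives a build config normally never needs.
const NETWORK_OR_EXEC =
  /\b(fetch|https?\.request|https?\.get|net\.connect|child_process|exec(?:Sync)?|spawn)\b/;

// Scan the text of a config file and return one finding per matched rule/line.
function scanAstroConfig(source) {
  const findings = [];
  source.split("\n").forEach((line, i) => {
    const n = i + 1;
    const hidden = line.match(INVISIBLE);
    if (hidden) {
      findings.push({ line: n, rule: "invisible-chars", detail: `${hidden.length} hidden code point(s)` });
    }
    if (REQUIRE_RESTORE.test(line)) {
      findings.push({ line: n, rule: "require-in-esm", detail: line.trim() });
    }
    if (NETWORK_OR_EXEC.test(line)) {
      findings.push({ line: n, rule: "network-or-exec", detail: line.trim() });
    }
  });
  return findings;
}

// Constructed sample: an otherwise ordinary config with a zero-width space
// appended to one line and `require` rebuilt in ESM. Not the real payload.
const SAMPLE = [
  'import { defineConfig } from "astro/config";',
  'import { createRequire } from "node:module";\u200B',
  "const require = createRequire(import.meta.url);",
  'export default defineConfig({ site: "https://example.test" });',
].join("\n");

console.log(scanAstroConfig(SAMPLE));
```

Wired into CI, a non-empty result from scanAstroConfig blocks the merge until a human has looked at the flagged lines.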
Why this technique is dangerous
The shift to blockchain as a command relay mechanism is especially significant. It allows the attacker to change the payload simply by updating transaction data in the blockchain, thereby bypassing traditional detection methods that rely on blocking IP addresses or domains.
The attacker can modify the command without changing the public repository, exploiting dependencies on public APIs. This complicates incident response, because such APIs are also used legitimately in benign applications.
The multi-layered nature of this attack shows how social engineering, code obfuscation, and blockchain infrastructure can be combined to build highly resilient attack vectors.
What this incident reveals
- Open-source repositories remain a high-value target for supply chain attacks.
- Malicious PRs can be disguised as harmless technical updates.
- Invisible code changes and obfuscation can evade routine review.
- Blockchain-based command relays reduce the effectiveness of IP-based blocking.
- Public APIs, while legitimate, can be abused as part of a broader attack chain.
The incident underscores the need for vigilant code review processes and increased attention to supply chain risks in modern software development. In an environment where attackers combine social engineering, stealthy code manipulation, and public blockchain services, traditional security controls are no longer sufficient on their own.
The report was obtained from the CTT Report Hub service. Rights to the report belong to its owner.
The full report is available at the link.