Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack

The StepSecurity research team has issued a warning about a large-scale supply chain attack involving the popular Nx build system package, downloaded more than 4 million times per week. On August 26, 2025, attackers published a series of compromised versions of Nx containing a malicious payload designed to steal cryptocurrency wallets, SSH keys, environment variables, and developer tokens.

According to the report, “Starting August 26, 2025 at approximately 23:00 UTC, the popular Nx build system package published a series of compromised versions containing malicious code designed to steal cryptocurrency wallets, SSH keys, environment variables, and GitHub/npm tokens.”

The compromised packages leveraged a malicious post-install hook that executed telemetry.js. StepSecurity explains: “The compromised Nx package contains a malicious post-install hook that triggers a file named telemetry.js. This script executes immediately after package installation, giving attackers access to developer machines at scale.”

Unlike typical repository compromises, this attack appears to stem from stolen npm publishing credentials.

The payload was engineered for Linux and macOS systems, avoiding Windows. Its functions included:

• Scanning system paths for sensitive files like .env, id_rsa, wallet.dat, and browser storage.
• Targeting crypto wallets (MetaMask, Electrum, Ledger, Trezor, Exodus, Phantom, Solflare).
• Harvesting GitHub and npm tokens.
• Collecting SSH private keys and environment variables.

Perhaps the most alarming detail was the novel abuse of AI CLI tools. The report warns: “In a concerning new development, the malware attempts to abuse locally installed AI assistant CLIs (claude, gemini, q) to bypass traditional security boundaries.”

By executing commands with flags like –dangerously-skip-permissions and –trust-all-tools, the malware forced AI assistants to recursively inventory sensitive files—turning them into unwilling accomplices in the attack.

Once data was harvested, the malware created public GitHub repositories using stolen tokens. It then triple-base64 encoded the stolen information and uploaded it as results.b64.

StepSecurity observed, “There are already thousands of public GitHub repositories with exfiltrated credentials.”

Beyond theft, the malware introduced sabotage. “To maintain persistence and cause disruption, the malware appends sudo shutdown -h 0 to both ~/.bashrc and ~/.zshrc. This causes any new terminal session to attempt an immediate system shutdown.”

This not only disrupts developer workflows but also delays detection.

Victims should look for:

• Modified files (~/.bashrc, ~/.zshrc) containing sudo shutdown -h 0.
• Created files (/tmp/inventory.txt, /tmp/inventory.txt.bak).
• Outbound requests to api.github.com creating repositories named s1ngularity-repository.
• Presence of results.b64 in unauthorized GitHub repos

StepSecurity urges immediate action:

• Check your versions – If using Nx 20.9.0 to 21.8.0, you may be compromised.
• Purge malicious code – Remove node_modules, clear npm cache, update package-lock.json.
• Inspect shell configs – Remove any shutdown commands from .bashrc and .zshrc.
• Audit accounts – Search for unauthorized GitHub repos, review logs, and revoke tokens.
• Rotate all credentials immediately – GitHub tokens, npm credentials, SSH keys, API keys, and crypto wallets.

As the report warns: “If a compromised version ran in your environment, rotate all the secrets immediately.”

Related Posts:

• Critical Ricoh Streamline NX Flaw (CVSS 9.8) Allows SYSTEM-Level Code Execution
• Python Developers Targeted in Massive Supply Chain Attack; Over 170,000 Users Affected
• SSH Security Breach: Researchers Discover Vulnerability in Crypto Keys
• Malicious npm Packages Exploiting Typosquatting to Inject SSH Backdoors