Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

  • Mar 21
  • 2 min read

Key Findings

* TeamPCP cybercriminal group suspected behind the supply chain attack
* 47 npm packages compromised across multiple scopes
* Self-propagating CanisterWorm uses an ICP blockchain canister as command-and-control infrastructure
* Attack leverages npm package postinstall hooks to execute malware
* Worm can spread automatically using stolen npm authentication tokens
* Decentralized C2 infrastructure makes takedown efforts difficult


Background

The supply chain attack targets the popular Trivy security scanner. It began with a compromised credential that allowed the threat actors to publish malicious releases of trivy, trivy-action, and setup-trivy. The attack represents a sophisticated approach to spreading malware across developer environments, exploiting npm's package distribution mechanisms.


Technical Infection Mechanism

The infection chain runs in several stages:

* The package's postinstall hook executes a loader
* The loader drops a Python backdoor
* The backdoor contacts the ICP canister to retrieve its payload
* A persistent systemd service ensures continued execution
* The backdoor polls the canister every 50 minutes for new payloads


Propagation Technique

The CanisterWorm uses two primary propagation methods, one manual and one automated, both driven by stolen npm tokens:

* A manual "deploy.js" script that publishes using stolen npm tokens
* Automated self-propagation through a postinstall script that harvests npm tokens from the infected host
* Either path can programmatically push malicious packages to multiple repositories
* The worm functionality is built from AI-generated code


Command and Control Infrastructure

The attack uses an innovative dead drop resolver: an ICP blockchain canister that serves the current payload location.

* Decentralized infrastructure that is resistant to takedown
* The canister's controller can swap the payload URL dynamically
* The canister exposes methods to update and retrieve payload links
* It currently returns a YouTube link, which may act as a kill switch


Persistence and Evasion

The malware employs several stealth techniques:

* A systemd service masquerading as PostgreSQL tooling
* A restart mechanism with a 5-second delay
* A spoofed browser User-Agent
* The ability to remain dormant or active depending on the URL the canister returns


Sources

  • https://thehackernews.com/2026/03/trivy-supply-chain-attack-triggers-self.html
  • https://www.linkedin.com/posts/dlross_trivy-supply-chain-attack-triggers-self-spreading-activity-7441129011881246720-kp30
  • https://x.com/samilaiho/status/2035372020947365995
  • https://www.reddit.com/r/SecOpsDaily/comments/1rzlu8w/trivy_supply_chain_attack_triggers_selfspreading/
  • https://x.com/solixbigdata/status/2035265376074809408

© 2025 by Explain IT Again. Powered and secured by Wix