
n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

By Declan Murphy | January 12, 2026

Jan 12, 2026 | Ravie Lakshmanan | Vulnerability / Workflow Automation

Threat actors have been observed uploading a set of eight packages to the npm registry that masqueraded as integrations targeting the n8n workflow automation platform in order to steal developers’ OAuth credentials.

One such package, named “n8n-nodes-hfgjf-irtuinvcm-lasdqewriit,” mimics a Google Ads integration: it prompts users to link their advertising account through a seemingly legitimate form and then siphons the credentials to servers under the attackers’ control.

“The attack represents a new escalation in supply chain threats,” Endor Labs said in a report published last week. “Unlike traditional npm malware, which often targets developer credentials, this campaign exploited workflow automation platforms that act as centralized credential vaults – holding OAuth tokens, API keys, and sensitive credentials for dozens of integrated services like Google Ads, Stripe, and Salesforce in a single location.”


The complete list of identified packages, which have since been removed, is as follows –

• n8n-nodes-hfgjf-irtuinvcm-lasdqewriit (4,241 downloads, author: kakashi-hatake)
• n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl (1,657 downloads, author: kakashi-hatake)
• n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz (1,493 downloads, author: kakashi-hatake)
• n8n-nodes-performance-metrics (752 downloads, author: hezi109)
• n8n-nodes-gasdhgfuy-rejerw-ytjsadx (8,385 downloads, author: zabuza-momochi)
• n8n-nodes-danev (5,525 downloads, author: dan_even_segler)
• n8n-nodes-rooyai-model (1,731 downloads, author: haggags)
• n8n-nodes-zalo-vietts (4,241 downloads, authors: vietts_code and diendh)

The users “zabuza-momochi,” “dan_even_segler,” and “diendh” have also been linked to other libraries that are still available for download as of writing –

It is not clear whether they harbor similar malicious functionality. However, an analysis of the first three packages on ReversingLabs Spectra Assure has uncovered no security issues. In the case of “n8n-nodes-zl-vietts,” the analysis has flagged the library as containing a component with malware history.

Apparently, an updated version of the package “n8n-nodes-gg-udhasudsh-hgjkhg-official” was published to npm just three hours ago, suggesting that the campaign is possibly ongoing.

The malicious package, once installed as a community node, behaves like any other n8n integration, displaying configuration screens and saving the Google Ads account OAuth tokens in encrypted form to the n8n credential store. When the workflow is executed, it runs code to decrypt the stored tokens using n8n’s master key and exfiltrates them to a remote server.

The development marks the first time a supply chain threat has explicitly targeted the n8n ecosystem, with bad actors weaponizing the trust in community integrations to achieve their goals.


The findings highlight the security issues that come with integrating untrusted workflows, which can expand the attack surface. Developers are advised to audit packages before installing them, scrutinize package metadata for any anomalies, and use official n8n integrations.

n8n has also warned about the security risk arising from the use of community nodes from npm, which it said can execute malicious actions on the machine that the service runs on. On self-hosted n8n instances, it is recommended to disable community nodes by setting N8N_COMMUNITY_PACKAGES_ENABLED to false.

“Community nodes run with the same level of access as n8n itself. They can read environment variables, access the file system, make outbound network requests, and, most critically, receive decrypted API keys and OAuth tokens during workflow execution,” researchers Kiran Raj and Henrik Plate said. “There is no sandboxing or isolation between node code and the n8n runtime.”

“Because of this, a single malicious npm package is enough to gain deep visibility into workflows, steal credentials, and communicate externally without raising immediate suspicion. For attackers, the npm supply chain offers a quiet and highly effective entry point into n8n environments.”
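The audit advice and the N8N_COMMUNITY_PACKAGES_ENABLED setting described above can be checked with a short script. This is an added example, not code from the article, Endor Labs or n8n: it matches installed community nodes against the eight names listed above and flags look-alike names. The consonant-run heuristic, the "review" bucket, the treatment of an unset variable as enabled, and the sample manifest are assumptions made for the example.

```javascript
// The eight package names this article lists as removed from npm.
const REPORTED = new Set([
  "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit",
  "n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl",
  "n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz",
  "n8n-nodes-performance-metrics",
  "n8n-nodes-gasdhgfuy-rejerw-ytjsadx",
  "n8n-nodes-danev",
  "n8n-nodes-rooyai-model",
  "n8n-nodes-zalo-vietts",
]);

// Heuristic chosen for this example (an assumption, not a vendor rule):
// five or more consonants in a row in a name segment looks machine-generated.
const GIBBERISH = /[bcdfghjklmnpqrstvwxz]{5,}/;
const RANK = { "reported-malicious": 0, "suspicious-name": 1, review: 2 };

// manifest: parsed package.json listing the installed community nodes.
// env: environment of the n8n process (for example process.env).
function auditCommunityNodes(manifest, env = {}) {
  const findings = Object.keys(manifest.dependencies || {}).map((name) => {
    const lower = name.toLowerCase();
    if (REPORTED.has(lower)) return { name, severity: "reported-malicious" };
    const base = lower.replace(/^@[^/]+\//, ""); // drop an npm scope, if any
    const odd = base.startsWith("n8n-nodes-") &&
      base.split("-").slice(2).some((seg) => GIBBERISH.test(seg));
    // Every other community node still runs unsandboxed, so it is listed too.
    return { name, severity: odd ? "suspicious-name" : "review" };
  });
  findings.sort((a, b) => RANK[a.severity] - RANK[b.severity]);
  // Assumption: community nodes count as enabled unless the variable is "false".
  const flag = String(env.N8N_COMMUNITY_PACKAGES_ENABLED ?? "true").toLowerCase();
  return { communityNodesEnabled: flag !== "false", findings };
}

// Constructed sample manifest; "n8n-nodes-example-crm" is a made-up name.
const SAMPLE = {
  dependencies: {
    "n8n-nodes-example-crm": "0.3.1",
    "n8n-nodes-gg-udhasudsh-hgjkhg-official": "1.0.0",
    "n8n-nodes-danev": "1.0.0",
  },
};

console.log(JSON.stringify(auditCommunityNodes(SAMPLE, process.env), null, 2));
```

On a real host, pass the parsed package.json from the directory where community nodes are installed in place of SAMPLE. The name heuristic also flags the “n8n-nodes-gg-udhasudsh-hgjkhg-official” package mentioned above, which is not among the eight listed names.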
