Microsoft has attributed a recent supply chain attack targeting the Mastra AI ecosystem to Sapphire Sleet, a North Korean state-sponsored hacking group also known as BlueNoroff. The incident involved the compromise of an npm maintainer account, which was then used to publish malicious updates across more than 140 packages under the @mastra namespace, affecting developers who unknowingly installed the tainted dependencies.
According to Microsoft, the attackers gained control of the maintainer account “ehindero” and used it to add a malicious dependency named “easy-day-js,” a typosquat of the popular dayjs library, to the @mastra packages. Because npm runs install lifecycle hooks automatically, simply installing a compromised package triggered a post-install script that executed an obfuscated dropper. The dropper disabled TLS certificate verification, so its download would succeed whatever certificate the server presented, then contacted attacker-controlled infrastructure to retrieve a second-stage payload and ran it in a hidden process.
The second-stage malware was designed as a cross-platform information stealer capable of targeting Windows, macOS, and Linux systems. It collected host data, browser activity, installed applications, and running processes, while also scanning for 166 cryptocurrency wallet browser extensions, including widely used tools like MetaMask, Phantom, and Coinbase Wallet. Depending on the operating system, it established persistence using mechanisms such as Windows Registry Run keys, macOS LaunchAgents, and Linux systemd services.
Microsoft reports that infected systems which went on to communicate with the command-and-control infrastructure showed further post-compromise activity consistent with earlier Sapphire Sleet intrusions: deployment of a PowerShell backdoor the group has used before, additional persistence mechanisms, Microsoft Defender exclusions, and Windows services running as SYSTEM. The group, long associated with cryptocurrency theft and supply chain compromises, was also previously linked to a separate npm attack targeting the Axios HTTP client earlier in 2026.
