copyleftdev/mini-shai-hulud-dragnet

GitHub: copyleftdev/mini-shai-hulud-dragnet

Forensic dataset for the April 2026 TeamPCP npm supply-chain worm "Mini Shai-Hulud": 47 IOC indicators, 1,117 dropbox repository records and an interactive visualization dashboard.

Stars: 0 | Forks: 0

# Mini Shai-Hulud Dragnet

### Forensic dataset and dashboard for the 2026-04-29 TeamPCP npm supply-chain worm

[![dataset](https://img.shields.io/badge/dataset-CC--BY--4.0-5cdfff?style=flat-square)](LICENSE-DATA) [![code](https://img.shields.io/badge/code-MIT-5cffac?style=flat-square)](LICENSE-CODE) [![dropboxes](https://img.shields.io/badge/dropboxes-1%2C117-ff5c5c?style=flat-square)](data/dropboxes.jsonl) [![iocs](https://img.shields.io/badge/iocs-47-ffb347?style=flat-square)](data/iocs.jsonl) [![campaign](https://img.shields.io/badge/campaign-active-ff5c5c?style=flat-square)](DOSSIER.md) [![actor](https://img.shields.io/badge/actor-TeamPCP-b388ff?style=flat-square)](data/actor.jsonl)

**[📊 Dashboard](docs/) · [📑 Dossier](DOSSIER.md) · [💾 Download IOCs (JSONL)](data/iocs.jsonl) · [🤖 llms.txt](docs/llms.txt)**

## TL;DR

At **2026-04-29 10:00 UTC** the npm supply-chain worm **"A Mini Shai-Hulud has Appeared"** went live. Within **7 hours** it created **1,117 GitHub dropbox repositories** through **22 compromised user accounts**, exfiltrating AES-256-GCM-encrypted credential bundles to a single C2 endpoint.

This repository is a forensic snapshot of that incident:

- **Trojaned packages**: `mbt 1.2.48`, `@cap-js/sqlite 2.2.2`, `@cap-js/postgres 2.2.2`, `@cap-js/db-service 2.10.1`, `@bitwarden/cli 2026.4.0`
- **C2**: `https://audit.checkmarx.cx/v1/telemetry` → `94.154.172.43` (AS209101 IP Vendetta Inc., Seychelles · offshore bulletproof hosting)
- **Threat actor**: **TeamPCP**, the group also behind the 22 April Checkmarx KICS Docker / VS Code attack, the March 2026 Checkmarx GitHub Actions compromise and CanisterWorm (March 2026). Boasted about it publicly on X/Twitter on 2026-04-22.

## Why this project exists

Search engines and LLMs answer threat-intelligence questions by pulling from public, structured, well-cited datasets. This repository packages every indicator observed during a real dragnet into a single CC-BY-4.0 JSONL bundle so that:

- Defenders can pick up the IOC list without parsing long blog posts.
- LLM operators can give grounded, sourced answers about Mini Shai-Hulud.
- Researchers tracking TeamPCP get a stable, citable artifact.

## Repository layout

```
mini-shai-hulud-dragnet/
├── README.md                    ← you are here
├── DOSSIER.md                   ← full analytical narrative
├── methodology.md               ← how the dragnet was performed
├── CITATION.cff                 ← machine-readable citation
├── LICENSE-DATA                 ← CC-BY-4.0 for data/
├── LICENSE-CODE                 ← MIT for code
├── data/
│   ├── iocs.jsonl               ← 47 indicators across 14 kinds
│   ├── victims.jsonl            ← 22 anonymized victim records (corp accounts named, personal redacted)
│   ├── dropboxes.jsonl          ← 1,117 dropbox repository records
│   ├── timeline.jsonl           ← chronological events (2026-04-22 boast → dragnet close)
│   ├── actor.jsonl              ← TeamPCP actor + campaign history
│   ├── affiliations.jsonl       ← disclosed corporate affiliations
│   ├── archetypes.jsonl         ← victim machine-archetype taxonomy
│   ├── researcher_trackers.jsonl ← 10 third-party trackers
│   └── aggregations/            ← pre-computed chart data
├── docs/
│   ├── index.html               ← interactive dashboard
│   ├── llms.txt                 ← LLM-friendly index
│   ├── llms-full.txt            ← full-text LLM context
│   ├── sitemap.xml
│   ├── robots.txt
│   └── assets/og-image.svg
└── scripts/
    └── build_iocs.sh
```

## Data schema

All `data/*.jsonl` files are newline-delimited JSON, one record per line, with a stable `type` field as the discriminator. Schema highlights:

### `iocs.jsonl`

```
{"type":"ioc","kind":"package","registry":"npm","name":"@cap-js/sqlite","version":"2.2.2","status":"trojaned","campaign":"mini-shai-hulud","actor":"TeamPCP","source":"stepsecurity"}
{"type":"ioc","kind":"domain","value":"audit.checkmarx.cx","role":"c2_exfil","campaign":"mini-shai-hulud","actor":"TeamPCP"}
{"type":"ioc","kind":"ipv4","value":"94.154.172.43","role":"c2_resolver","asn":"AS209101","org":"IP Vendetta Inc.","country":"SC"}
{"type":"ioc","kind":"sha256","value":"4066781fa830224c8bbcc3aa005a396657f9c8f9016f9a64ad44a9d7f5f45e34","artifact":"setup.mjs","role":"loader"}
```

Kinds: `package`, `domain`, `ipv4`, `url`, `sha256`, `crypto_key`, `crypto_salt`, `github_account`, `string`, `regex`, `file_path`, `author_email`, `git_branch`, `runtime`.

### `victims.jsonl`

```
{"type":"victim","campaign":"mini-shai-hulud","actor":"TeamPCP","account_class":"corporate_org_account","org_disclosed":"@grupo-sbf","country_disclosed":"Brazil","industry_disclosed":"retail_SAP_consumer","archetype":"A:CI-BURST","dropbox_count":204,"first_drop_utc":"2026-04-29T10:00:13Z","burst_repos_per_min":5.65,"total_payload_kb":2136,...}
```

### `dropboxes.jsonl`

```
{"type":"dropbox","campaign":"mini-shai-hulud","actor":"TeamPCP","repo":"gruposbftechrecruiter/fedaykin-lasgun-596","url":"https://github.com/gruposbftechrecruiter/fedaykin-lasgun-596","owner":"gruposbftechrecruiter","created_at":"2026-04-29T10:19:35Z","size_kb":10}
```

## Quick ingestion

```
# Pull all IOCs
curl -sL https://raw.githubusercontent.com/copyleftdev/mini-shai-hulud-dragnet/main/data/iocs.jsonl

# Filter to network IOCs only (domains, IPs, URLs)
curl -sL https://raw.githubusercontent.com/copyleftdev/mini-shai-hulud-dragnet/main/data/iocs.jsonl \
  | jq -c 'select(.kind | IN("domain","ipv4","url"))'

# Block-list for firewall rule generation
curl -sL https://raw.githubusercontent.com/copyleftdev/mini-shai-hulud-dragnet/main/data/iocs.jsonl \
  | jq -r 'select(.kind == "domain" or .kind == "ipv4") | .value'

# Trojaned package list for npm audit / lockfile scanners
curl -sL https://raw.githubusercontent.com/copyleftdev/mini-shai-hulud-dragnet/main/data/iocs.jsonl \
  | jq -r 'select(.kind == "package" and .status == "trojaned") | "\(.name)@\(.version)"'
```

## Defensive checklist

If you ran any of `mbt`, `@cap-js/sqlite`, `@cap-js/postgres`, `@cap-js/db-service` or `@bitwarden/cli` and executed `npm install` since 2026-04-29 10:00 UTC:

- [ ] Rotate **all** credentials reachable from the affected machine: `.npmrc`, `~/.ssh/*`, `~/.aws/credentials`, `~/.azure/*`, `~/.config/gcloud/*`, `~/.claude.json`, `~/.claude/mcp.json`, every `.env`, and every GitHub Actions org/repo secret.
- [ ] Block outbound traffic to `94.154.172.43` and `*.checkmarx.cx` at the network perimeter. Monitor DNS for resolution attempts.
- [ ] Search for `.vscode/tasks.json` containing `"runOn": "folderOpen"`, `.claude/settings.json` SessionStart hooks, `.claude/execution.js`, `.claude/setup.mjs`, `.vscode/setup.mjs` and `~/.checkmarx/mcp/mcpAddon.js`.
- [ ] Audit recent commits authored by `claude@users.noreply.github.com` with the commit message `"chore: update dependencies"`.
- [ ] Audit any commit whose message contains `beautifulcastle` or `LongLiveTheResistanceAgainstMachines`.

## Methodology summary

The investigation used a custom operational reconnaissance toolchain combining:

- **GitHub Code Search** for description-marker enumeration (`"A Mini Shai-Hulud has Appeared"`)
- **kraken**: identity-graph crawler for contributor mapping of the compromised accounts
- **hunter**: per-account cohort-test scoring against a set of 11 known operator anchors
- **vajra**: structured classification and information-theoretic invariant discovery
- Bucketed pagination to work around the 1,000-result API limit

Full methodology: [methodology.md](methodology.md).

## Tool verdicts

| Tool | Result |
|---|---|
| hunter (vs. 11 known star-farm operators) | All 4 surface accounts `flagged: false`, `cohort: OTHER`; confirms PAT theft rather than synthetic accounts built from scratch |
| kraken (CloudMTABot, d=1, 30 users) | Mapped the SAP CAP / Cloud Foundry maintainer network for incident-response notification |
| vajra invariants (22-victim cohort) | `repo_count ↔ repos_per_min` strength **0.896**; compromise scale is proportional to degree of automation |
| Burst-rate clustering | Five archetypes: A: CI-BURST, B: DEV-WKSTN, C: SINGLE-CI, D: LONG-TAIL, E: MIXED, SINGLE |

## Citation

```
@dataset{chai_check_mini_shai_hulud_2026,
  title     = {Mini Shai-Hulud Dragnet: Forensic Dataset for the 2026-04-29 TeamPCP npm Supply-Chain Worm},
  author    = {chai\_check},
  year      = {2026},
  month     = {4},
  day       = {29},
  publisher = {GitHub},
  url       = {https://github.com/copyleftdev/mini-shai-hulud-dragnet},
  license   = {CC-BY-4.0}
}
```

Or use the machine-readable [`CITATION.cff`](CITATION.cff).

## License

- **Data** (`data/*.jsonl`): [CC-BY-4.0](LICENSE-DATA), attribution required.
- **Code** (`scripts/`, `docs/index.html`, etc.): [MIT](LICENSE-CODE).

## Sources

| Source | URL |
|---|---|
| StepSecurity | https://www.stepsecurity.io/blog/a-mini-shai-hulud-has-appeared |
| Aikido | https://www.aikido.dev/blog/shai-hulud-npm-bitwarden-cli-compromise |
| Datadog Security Labs | https://securitylabs.datadoghq.com/articles/shai-hulud-2.0-npm-worm/ |
| OX Security | https://www.ox.security/blog/shai-hulud-bitwarden-cli-supply-chain-attack/ |
| harekrishnarai/software-supply-chain-monitor | https://github.com/harekrishnarai/software-supply-chain-monitor |
| kraven-security/hunting-packages | https://github.com/kraven-security/hunting-packages |
| jfrog/research | https://github.com/jfrog/research |
| mthcht/ThreatIntel-Reports | https://github.com/mthcht/ThreatIntel-Reports |
| sam-caldwell/samcaldwell-info | https://github.com/sam-caldwell/samcaldwell-info |
| CISA | https://www.cisa.gov/news-events/alerts/2025/09/23/widespread-supply-chain-compromise-impacting-npm-ecosystem |

## Keyword footer (for SEO retrieval)

Mini Shai-Hulud, Shai-Hulud npm worm, TeamPCP, npm supply-chain attack, @cap-js compromise, Bitwarden CLI hijack, audit.checkmarx.cx, supply-chain forensics, threat intelligence dataset, indicators of compromise, IOC bundle JSONL, npm trojan, SAP CAP supply-chain attack, Bun runtime escape, CloudMTABot, cap-bots, IP Vendetta, AS209101, 94.154.172.43, Checkmarx KICS Docker compromise, npm worm 2026-04-29, beautifulcastle, LongLiveTheResistanceAgainstMachines, Dune dropbox repositories, sardaukar mentat fremen atreides harkonnen gesserit prescient fedaykin tleilaxu siridar kanly sayyadina ghola powindah prana kralizec, sandworm ornithopter heighliner stillsuit lasgun sietch melange thumper navigator futar slig phibian laza cogitor, Grupo SBF compromise, CTAC België NV compromise, SAP @cap-js maintainer compromise, Bun v1.3.13 sandbox escape, ctf-scramble-v2 password salt, AES-256-GCM credential exfiltration, PBKDF2 master key 5012caa5847ae9261dfa16f91417042f367d6bed149c3b8af7a50b203a093007, npm preinstall hook attack, GitHub Actions secrets leak, format-check.yml workflow injection.

## Deployment (GitHub Pages)

Steps to enable the live dashboard:

1. Push this repository to GitHub.
2. Settings → Pages → Source: **Deploy from a branch**, Branch: `main`, Folder: `/ (root)`.
3. The dashboard will be served at `https://.github.io//docs/`.
4. The IOC bundle will be served at `https://.github.io//data/iocs.jsonl`.
5. Crawler entry points: `/robots.txt`, `/sitemap.xml`, `/llms.txt`, `/llms-full.txt`.

If you fork or rename the repository, update the canonical URLs in `docs/index.html` (``, Open Graph, Twitter Card, JSON-LD) and in `sitemap.xml`.
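The IOC bundle consumed from Python instead of jq, as an added example that is not part of this repository's code: it parses the JSONL schema documented above (rejecting malformed lines and records that are not `type: "ioc"`), derives the same network block-list and trojaned-package list as the quick-ingestion commands, and checks a `package-lock.json` against that list, handling both the v2/v3 `packages` map and the v1 nested `dependencies` layout. The IOC records and the two lockfiles are constructed inline from values shown on this page; a real run would read `data/iocs.jsonl` and your project's own lockfile.

```python
import json

# Constructed sample records following the iocs.jsonl schema documented above
# (values taken from this README; not the full 47-record bundle).
SAMPLE_IOCS = """
{"type":"ioc","kind":"package","registry":"npm","name":"@cap-js/sqlite","version":"2.2.2","status":"trojaned","campaign":"mini-shai-hulud","actor":"TeamPCP","source":"stepsecurity"}
{"type":"ioc","kind":"package","registry":"npm","name":"@bitwarden/cli","version":"2026.4.0","status":"trojaned","campaign":"mini-shai-hulud","actor":"TeamPCP"}
{"type":"ioc","kind":"domain","value":"audit.checkmarx.cx","role":"c2_exfil","campaign":"mini-shai-hulud","actor":"TeamPCP"}
{"type":"ioc","kind":"ipv4","value":"94.154.172.43","role":"c2_resolver","asn":"AS209101","org":"IP Vendetta Inc.","country":"SC"}
{"type":"ioc","kind":"sha256","value":"4066781fa830224c8bbcc3aa005a396657f9c8f9016f9a64ad44a9d7f5f45e34","artifact":"setup.mjs","role":"loader"}
"""

# Constructed lockfiles: a v3 layout with a nested install, and a v1 layout.
SAMPLE_LOCKFILE_V3 = {
    "name": "example-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "version": "1.0.0"},
        "node_modules/@cap-js/sqlite": {"version": "2.2.2"},
        "node_modules/@cap-js/db-service": {"version": "2.9.0"},
        "node_modules/some-tool/node_modules/@bitwarden/cli": {"version": "2026.4.0"},
    },
}
SAMPLE_LOCKFILE_V1 = {
    "lockfileVersion": 1,
    "dependencies": {"some-tool": {"version": "1.0.0",
                                   "dependencies": {"@cap-js/sqlite": {"version": "2.2.2"}}}},
}


def parse_iocs(text):
    """Parse newline-delimited JSON, keeping only records with type == "ioc" and a kind."""
    records = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError as exc:
            raise ValueError(f"line {lineno}: malformed JSON ({exc.msg})") from None
        if isinstance(rec, dict) and rec.get("type") == "ioc" and "kind" in rec:
            records.append(rec)
    return records


def network_blocklist(iocs):
    """Domain and IPv4 values, sorted, ready for firewall or DNS-sinkhole rules."""
    return sorted({r["value"] for r in iocs if r["kind"] in ("domain", "ipv4")})


def trojaned_packages(iocs):
    """Set of name@version strings for packages marked trojaned."""
    return {f'{r["name"]}@{r["version"]}'
            for r in iocs if r["kind"] == "package" and r.get("status") == "trojaned"}


def installed_packages(lockfile):
    """Yield (name, version) for every entry in a package-lock.json.

    lockfileVersion 2/3 keeps a "packages" map keyed by install path, so the package
    name is whatever follows the last "node_modules/"; v1 nests "dependencies".
    A v2 file carries both sections, so "dependencies" is only walked when "packages" is absent.
    """
    if "packages" in lockfile:
        for path, meta in lockfile["packages"].items():
            if not path:  # "" is the root project itself
                continue
            name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
            yield name, meta.get("version")
        return

    def walk(deps):
        for name, meta in deps.items():
            yield name, meta.get("version")
            yield from walk(meta.get("dependencies", {}))
    yield from walk(lockfile.get("dependencies", {}))


def check_lockfile(lockfile, trojaned):
    """Sorted name@version hits present in the lockfile and in the trojaned set."""
    return sorted({f"{n}@{v}" for n, v in installed_packages(lockfile) if f"{n}@{v}" in trojaned})


if __name__ == "__main__":
    iocs = parse_iocs(SAMPLE_IOCS)
    print("block-list:", network_blocklist(iocs))
    bad = trojaned_packages(iocs)
    print("v3 lockfile hits:", check_lockfile(SAMPLE_LOCKFILE_V3, bad))
    print("v1 lockfile hits:", check_lockfile(SAMPLE_LOCKFILE_V1, bad))
```

Matching on the exact `name@version` pair is deliberate: the page lists only specific versions as trojaned, and `@cap-js/db-service 2.9.0` in the sample lockfile is correctly left alone. A transitive, nested install is still caught because the lockfile walk does not stop at top-level dependencies.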
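A local triage script for the persistence artifacts named in the defensive checklist, added here as an example and not part of this repository: it looks for a `.vscode/tasks.json` task with `"runOn": "folderOpen"` (falling back to a whitespace-tolerant text match when the file is JSON-with-comments, which VS Code permits), a `SessionStart` hook anywhere inside `.claude/settings.json`, the listed marker files under the workspace and the home directory, and the checklist's author and message markers in `git log` output. The workspace it scans is constructed in a temporary directory and the log lines and SHAs are placeholders; the exact nesting of hooks in `settings.json` is an assumption, which is why the check searches for the key at any depth.

```python
import json
import re
import tempfile
from pathlib import Path

# Artifacts from the defensive checklist. Marker files are findings by presence alone;
# tasks.json and settings.json need a content check.
WORKSPACE_MARKERS = [".claude/execution.js", ".claude/setup.mjs", ".vscode/setup.mjs"]
HOME_MARKERS = [".checkmarx/mcp/mcpAddon.js"]
RUN_ON_FOLDER_OPEN = re.compile(r'"runOn"\s*:\s*"folderOpen"')
SUSPECT_AUTHOR = "claude@users.noreply.github.com"
SUSPECT_SUBJECT = "chore: update dependencies"
SUSPECT_TOKENS = ("beautifulcastle", "LongLiveTheResistanceAgainstMachines")


def _load_json(path):
    """Parse a JSON file; None if it is not strict JSON (tasks.json may contain comments)."""
    try:
        return json.loads(path.read_text(encoding="utf-8"))
    except (ValueError, OSError):
        return None


def _has_key(obj, key):
    """True if `key` is a dict key anywhere in a nested JSON structure."""
    if isinstance(obj, dict):
        return key in obj or any(_has_key(v, key) for v in obj.values())
    if isinstance(obj, list):
        return any(_has_key(v, key) for v in obj)
    return False


def scan_workspace(root, home=None):
    """Return (path, reason) findings for a checked-out repo and, optionally, a home directory."""
    root, findings = Path(root), []
    tasks = root / ".vscode" / "tasks.json"
    if tasks.is_file():
        data = _load_json(tasks)
        if isinstance(data, dict):
            auto = any(isinstance(t, dict) and t.get("runOptions", {}).get("runOn") == "folderOpen"
                       for t in data.get("tasks") or [])
        else:  # JSON-with-comments: fall back to a text match
            auto = bool(RUN_ON_FOLDER_OPEN.search(tasks.read_text(encoding="utf-8", errors="replace")))
        if auto:
            findings.append((".vscode/tasks.json", "task auto-runs on folderOpen"))
    settings = root / ".claude" / "settings.json"
    if settings.is_file():
        data = _load_json(settings)
        text = settings.read_text(encoding="utf-8", errors="replace")
        if _has_key(data, "SessionStart") if data is not None else "SessionStart" in text:
            findings.append((".claude/settings.json", "SessionStart hook present"))
    findings += [(rel, "marker file present") for rel in WORKSPACE_MARKERS if (root / rel).is_file()]
    if home is not None:
        findings += [("~/" + rel, "marker file present") for rel in HOME_MARKERS if (Path(home) / rel).is_file()]
    return findings


def suspicious_commits(log_text):
    """Flag lines of `git log --format=%H%x09%ae%x09%s` that match the checklist's commit markers."""
    flagged = []
    for line in log_text.splitlines():
        parts = line.split("\t", 2)
        if len(parts) != 3:
            continue
        sha, email, subject = parts
        if email == SUSPECT_AUTHOR and subject == SUSPECT_SUBJECT:
            flagged.append((sha, "dependency-update commit from claude noreply author"))
        elif any(tok in subject for tok in SUSPECT_TOKENS):
            flagged.append((sha, "marker string in commit message"))
    return flagged


def build_demo_tree(base):
    """Write a constructed workspace holding one artifact of each kind (harmless placeholders)."""
    base = Path(base)
    (base / ".vscode").mkdir(parents=True, exist_ok=True)
    (base / ".claude").mkdir(exist_ok=True)
    (base / ".vscode" / "tasks.json").write_text(  # leading comment makes this JSONC, not strict JSON
        '// workspace tasks\n{"version": "2.0.0", "tasks": [{"label": "setup", "type": "shell",'
        ' "command": "echo hi", "runOptions": {"runOn": "folderOpen"}}]}\n', encoding="utf-8")
    (base / ".claude" / "settings.json").write_text(  # hook nesting is an assumption for the demo
        json.dumps({"hooks": {"SessionStart": [{"hooks": [{"type": "command", "command": "echo hi"}]}]}}),
        encoding="utf-8")
    (base / ".claude" / "setup.mjs").write_text("// placeholder\n", encoding="utf-8")
    return base


# Constructed git-log lines; SHAs are placeholders, not real commits.
SAMPLE_LOG = ("aaaa0001\talice@example.com\tfix: handle empty input\n"
              "aaaa0002\tclaude@users.noreply.github.com\tchore: update dependencies\n"
              "aaaa0003\tbob@example.com\tci: beautifulcastle\n")


def demo():
    """Scan a throwaway workspace and the sample log; returns (file findings, commit findings)."""
    with tempfile.TemporaryDirectory() as tmp:
        findings = scan_workspace(build_demo_tree(tmp))
    return findings, suspicious_commits(SAMPLE_LOG)


if __name__ == "__main__":
    for group in demo():
        for item in group:
            print(*item, sep="  ")
```

The JSONC fallback matters in practice: a strict parser would silently skip a `tasks.json` that starts with a comment, which is exactly the kind of file a hurried triage misses.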
Tags: Bitwarden, C2 infrastructure, Cap-js, Checkmarx, Cutter, DAST, DevSecOps, reverse DNS resolution, GitHub security, IOC indicators, JSONL, malicious npm packages, TeamPCP, upstream proxy, dashboard, credential theft, ransomware, backdoor, multimodal security, threat intelligence, security incident response, security dataset, developer tools, attribution analysis, malware analysis, attacker tracking, data visualization, time-series database, trojanization attack, network information gathering, cybersecurity, automated worm, honeypot, certificate exploitation, privacy protection