The UNC6426 campaign demonstrates a multi-stage supply chain intrusion that transitioned from developer environment compromise to full cloud takeover within ~72 hours. The attack originated from a prior compromise of the nx npm package, where a malicious postinstall script deployed the QUIETVAULT credential stealer. This payload harvested sensitive data—including GitHub Personal Access Tokens (PATs)—by leveraging an installed LLM-based developer tool to enumerate credentials and environment data on the host.
Using a stolen GitHub token, UNC6426 conducted reconnaissance within the victim’s GitHub environment and extracted additional CI/CD secrets using a legitimate tool. The attacker then pivoted into the cloud by abusing GitHub-to-AWS OIDC trust relationships, generating temporary AWS STS credentials tied to an overly permissive CI/CD role. Leveraging these privileges, the actor deployed a malicious CloudFormation stack to create a new IAM role with AdministratorAccess, achieving full privilege escalation.
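One way a defender can surface the pivot described above is to correlate CloudTrail events per STS session: a GitHub Actions OIDC role assumption that, shortly afterwards, creates a CloudFormation stack and attaches AdministratorAccess to an IAM role. The code below is an added example, not from the report or any vendor tool; the account, role, stack and session names are hypothetical and the CloudTrail records are constructed, simplified samples.

```python
from datetime import datetime, timedelta

GITHUB_ISSUER = "token.actions.githubusercontent.com"
ADMIN_POLICY = "arn:aws:iam::aws:policy/AdministratorAccess"

def _ts(ev):
    return datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ")

def find_oidc_escalations(events, window=timedelta(hours=1)):
    """One finding per GitHub OIDC session that, within `window`, both created a
    CloudFormation stack and attached AdministratorAccess to an IAM role."""
    events = sorted(events, key=_ts)
    findings = []
    for ev in events:
        if (ev["eventName"] != "AssumeRoleWithWebIdentity"
                or GITHUB_ISSUER not in ev["userIdentity"].get("identityProvider", "")):
            continue
        # Correlation key: the STS session ARN (CloudFormation's IAM calls keep it).
        session, start = ev["responseElements"]["assumedRoleUser"]["arn"], _ts(ev)
        later = [e for e in events if e["userIdentity"].get("arn") == session
                 and start <= _ts(e) <= start + window]
        stacks = [e["requestParameters"]["stackName"]
                  for e in later if e["eventName"] == "CreateStack"]
        admins = [e["requestParameters"]["roleName"] for e in later
                  if e["eventName"] == "AttachRolePolicy"
                  and e["requestParameters"].get("policyArn") == ADMIN_POLICY]
        if stacks and admins:
            findings.append({"session": session, "stacks": stacks, "admin_roles": admins})
    return findings

# Constructed sample trail (hypothetical names): benign deploy at 08:00, escalation at 10:00.
ACCT = "123456789012"
CI_ROLE = f"arn:aws:iam::{ACCT}:role/gha-ci"
OIDC = {"identityProvider": f"arn:aws:iam::{ACCT}:oidc-provider/{GITHUB_ISSUER}"}
def _sess(name):  # identity block of later events in the same STS session
    return {"arn": f"arn:aws:sts::{ACCT}:assumed-role/gha-ci/{name}"}
def _ev(time, name, identity, resp=None, **params):
    return {"eventTime": time, "eventName": name, "userIdentity": identity,
            "requestParameters": params, "responseElements": resp or {}}

SAMPLE_EVENTS = [
    _ev("2025-01-15T08:00:00Z", "AssumeRoleWithWebIdentity", OIDC,
        {"assumedRoleUser": _sess("deploy-42")}, roleArn=CI_ROLE),
    _ev("2025-01-15T08:01:00Z", "CreateStack", _sess("deploy-42"), stackName="app"),
    _ev("2025-01-15T10:00:00Z", "AssumeRoleWithWebIdentity", OIDC,
        {"assumedRoleUser": _sess("run-99")}, roleArn=CI_ROLE),
    _ev("2025-01-15T10:01:00Z", "CreateStack", _sess("run-99"), stackName="maint"),
    _ev("2025-01-15T10:02:00Z", "AttachRolePolicy", _sess("run-99"),
        roleName="svc-admin", policyArn=ADMIN_POLICY),
]
```

Only the 10:00 session is reported; the 08:00 deploy creates a stack but never attaches an admin policy, so it stays below the threshold.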
With administrative access, the attacker performed data exfiltration (S3), infrastructure disruption (EC2/RDS termination), and key decryption, followed by destructive actions in the source code environment (making private repositories public). The campaign highlights the compounding risk of software supply chain compromise combined with identity-based cloud access and over-permissioned IAM roles, as well as the emerging role of AI-assisted credential discovery in modern attacks.