Password safe Bitwarden: Command-line client trojanized
The Bitwarden security team confirms that a malicious version of the command-line client was briefly distributed.
Between 11:57 PM on April 22nd and 1:30 AM on April 23rd German time (5:57 PM to 7:30 PM ET), the npm package @bitwarden/cli in version 2026.4.0 was distributed with malware. This manipulated version stole user credentials. However, Bitwarden emphasizes that end-user data stored in the actual safe (vault data) was not affected.
As Bitwarden announced in its community forum, the security team identified and contained the manipulated package. Distribution was exclusively via npm; anyone who did not obtain the package via npm during the specified period is not affected. The compromised version has since been marked as deprecated, and the misused access has been revoked. The incident is part of a larger attack on the Checkmarx supply chain.
Sophisticated Credential Stealer with Fallback Mechanisms
Security researchers from JFrog and Socket.dev have analyzed the malware in detail. The manipulated package.json contained a preinstall script that automatically executed a loader file named bw_setup.js upon installation. This downloaded the Bun runtime (version 1.3.13) from GitHub and started an obfuscated JavaScript payload (bw1.js).
The malware targeted a wide range of sensitive data: GitHub and npm tokens, SSH keys, shell histories, and credentials for AWS, Google Cloud, and Azure. Furthermore, it exfiltrated GitHub Actions secrets, Git credentials, .env files, and even configuration files from AI tools like Claude and MCP, sending them to the attackers.
Exfiltration primarily went, encrypted, to the address audit.checkmarx.cx (IP: 94.154.172.43). As a fallback, the malware used a sophisticated mechanism: stolen GitHub tokens were validated and then used to create repositories under the victim's account as an exfiltration channel. Double-Base64-encoded PATs were hidden in commit messages carrying the marker "LongLiveTheResistanceAgainstMachines".
Immediate Countermeasures Required
Anyone who installed version 2026.4.0 during the specified time window should act immediately. Bitwarden recommends uninstalling with npm uninstall -g @bitwarden/cli and clearing the npm cache. On affected systems, administrators should search for the artifacts bw_setup.js, bw1.js, and any downloaded Bun runtime.
Crucially, all credentials stored on the compromised system must be rotated: GitHub Personal Access Tokens, npm tokens, AWS Access Keys, Azure and GCP secrets, and SSH keys. GitHub Actions workflows should also be checked for unauthorized executions. The domain audit.checkmarx.cx and IP 94.154.172.43 should be blocked in firewalls.
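As an added example (not code from the article, Bitwarden, JFrog or Socket.dev), a small Python scanner that covers the artifact search above and the preinstall-hook mechanism described earlier: it walks a node_modules tree and flags the compromised manifest version, any npm lifecycle hook that invokes the named loader, and the loader or payload files themselves. The sample tree it scans is constructed inline, and the loader file it writes is a placeholder, not the real payload.

```python
import json
import tempfile
from pathlib import Path

# Indicators named in the article; the sample tree below is constructed for the demo.
COMPROMISED = ("@bitwarden/cli", "2026.4.0")
ARTIFACT_NAMES = {"bw_setup.js", "bw1.js"}
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall")

def scan_tree(root):
    """Walk a node_modules tree; return (kind, path) findings for the three indicators."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        if path.name in ARTIFACT_NAMES:          # dropped loader / payload on disk
            findings.append(("artifact", str(path)))
        if path.name != "package.json":
            continue
        try:
            pkg = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue                              # unreadable or not JSON: skip, do not crash
        pkg = pkg if isinstance(pkg, dict) else {}
        if (pkg.get("name"), pkg.get("version")) == COMPROMISED:
            findings.append(("compromised-version", str(path)))
        scripts = pkg.get("scripts") if isinstance(pkg.get("scripts"), dict) else {}
        for hook in LIFECYCLE_HOOKS:              # lifecycle hook that invokes the loader
            if any(a in str(scripts.get(hook, "")) for a in ARTIFACT_NAMES):
                findings.append((hook + "-loader", str(path)))
    return findings

def build_sample_tree(root):
    """Constructed sample: one manifest shaped like the hijacked one, one clean package."""
    bad = Path(root, "node_modules", "@bitwarden", "cli")
    good = Path(root, "node_modules", "left-pad")
    for d in (bad, good):
        d.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps({"name": "@bitwarden/cli", "version": "2026.4.0",
        "scripts": {"preinstall": "node bw_setup.js"}}), encoding="utf-8")
    (bad / "bw_setup.js").write_text("// constructed placeholder, not the real loader\n", encoding="utf-8")
    (good / "package.json").write_text(json.dumps({"name": "left-pad", "version": "1.3.0"}), encoding="utf-8")

def demo():
    """Build the sample tree in a temp dir, scan it, and return the sorted finding kinds."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return sorted(kind for kind, _path in scan_tree(tmp))
```

On a real system, call scan_tree() on the global node_modules directory (npm root -g) and on the npm cache directory instead of the constructed tree; a hit on any of the three kinds is the trigger for the credential rotation described above.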
Currently, all repositories are again distributing the regular version 2026.3.0. According to the manufacturer, this and all other versions of the Bitwarden CLI except 2026.4.0 are not affected. Production systems and vault data were not compromised at any time.
(ju)