
HexStrike

HEXSTRIKE is a toolkit/malware framework identified in a targeted npm supply-chain attack reported by Breakglass Intelligence. It was linked to nine malicious npm packages impersonating Strapi CMS plugins, published on 2026-04-03 by the npm account umarbek1233. The packages used postinstall hooks to execute a Node.js payload that deployed a multi-phase C2 agent.

Reported capabilities include theft of environment variables, .env files, Strapi configuration, database credentials, JWT secrets, Redis data, Docker secrets, Kubernetes service account tokens, SSH/private keys, PEM files, and cryptocurrency wallet-related files. The malware beaconed over plain HTTP to 144.31.107.231:9999, polled the C2 every five seconds for up to 60 rounds, accepted arbitrary shell commands from cmd.txt, and was associated with a reverse shell script connecting to 144.31.107.231:4444.

An exposed directory on 144.31.107.231:8888 contained 52 toolkit files including C2 code, credential-harvesting tools, persistence scripts, lateral movement utilities, and exploitation tooling. Recovered components included Strapi SSTI exploit scripts for CVE-2023-22621, account-takeover tooling that triggered password resets and read reset tokens from PostgreSQL, Elasticsearch TLS interception tooling, and an OverlayFS-based container escape exploit described as a CVE-2023-0386 variant.

The operation was assessed as a focused, financially motivated intrusion, with Guardarian, an Estonian cryptocurrency exchange, identified as the confirmed primary victim. Reported stolen data included Guardarian PostgreSQL credentials, JWT secrets, Redis connection details, API integration details, a live API key, and employee email addresses used in credential-stuffing scripts. The toolkit name HEXSTRIKE was derived from the leaked path /opt/hexstrike_ssrf/.


EXPLOITED CVES

Vulnerabilities exploited

2 CVEs Mallory has correlated with this family across public research and vendor advisories. Each row links to the full Mallory page for that vulnerability.

CVE-2023-22621: Strapi Authenticated SSTI in Email Templates

Evidence: Toolkit name: "HEXSTRIKE" (from path /opt/hexstrike_ssrf/) ... published 9 malicious npm packages impersonating Strapi CMS plugins ... deploy a multi-phase C2 agent via postinstall that steals environment variables, database credentials, JWT secrets, API keys, Redis data, Docker secrets, Kubernetes tokens, SSH keys, cryptocurrency wallets, and establishes a persistent reverse shell with 5-second polling.

Source: breakglass intel (intel.breakglass.tech)
CVE-2023-0386: Linux Kernel OverlayFS local privilege escalation

Evidence: the same breakglass intel excerpt quoted for CVE-2023-22621 above.

Source: breakglass intel (intel.breakglass.tech)
MITRE ATT&CK

Techniques & procedures

20 distinct techniques documented for this family, organized by ATT&CK tactic.

Reconnaissance (1 technique)

T1595 Active Scanning (evidence items: 5)
Evidence: threat actors are using large language models to... automate reconnaissance against exposed assets... Hexstrike, paired with a temporal knowledge graph called Graphiti... lets the agent maintain persistent state across the attack surface and decide for itself when to pivot between reconnaissance tools

Resource Development (1 technique)

T1583.001 Domains (evidence items: 1)
Evidence: allowing the agent to autonomously pivot between tools like subfinder and httpx based on its internal reasoning.

Initial Access (2 techniques)

T1190 Exploit Public-Facing Application (evidence items: 1)
Evidence: HexStrike, an open source AI security framework popular with cybercriminals that exploited “thousands” of Citrix Netscaler products in less than 10 minutes using a single critical CVE

T1195.002 Compromise Software Supply Chain (evidence items: 1)
Evidence: 9 malicious npm packages published by umarbek1233 between 02:02 and 03:58 UTC on 2026-04-03, all version 3.6.8, all using postinstall hooks

Execution (1 technique)

T1059.007 JavaScript (evidence items: 1)
Evidence: [Phase 1] postinstall.js executes

Persistence (1 technique)

T1546.004 Unix Shell Configuration Modification (evidence items: 1)
Evidence: shell.sh: Reverse shell to 144.31.107.231:4444

Privilege Escalation (2 techniques)

T1546.004 Unix Shell Configuration Modification (evidence items: 1)
Evidence: shell.sh: Reverse shell to 144.31.107.231:4444

T1611 Escape to Host (evidence items: 1)
Evidence: exploit.sh: OverlayFS container escape (CAP_SETUID)
Evidence: Privilege escalation toolkit includes Docker container escape via OverlayFS (CVE-2023-0386 variant)

Stealth (1 technique)

T1070.004 File Deletion (evidence items: 1)
Evidence: Command delivery: Server reads cmd.txt, returns content to polling agent, then writes nop to prevent re-execution

Credential Access (5 techniques)

T1110.004 Credential Stuffing (evidence items: 1)
Evidence: login3.js: Credential stuffing against Guardarian employees

T1552.001 Credentials In Files (evidence items: 1)
Evidence: [Phase 9] Private key/PEM/wallet/secret file discovery + exfil

T1555 Credentials from Password Stores (evidence items: 1)
Evidence: [Phase 3] .env file theft (11 hardcoded paths + find /)
Evidence: [Phase 4] Full environment variable dump (env command)

T1557 Adversary-in-the-Middle (evidence items: 1)
Evidence: es_intercept.js -- TLS MITM proxy for Elasticsearch with self-signed cert + /etc/hosts poisoning

T1606.001 Web Cookies (evidence items: 1)
Evidence: get_users_tokens.js: JWT forgery + user enumeration

Discovery (3 techniques)

T1018 Remote System Discovery (evidence items: 1)
Evidence: [Phase 7] Network mapping: /etc/hosts, resolv.conf, ARP, routes

T1046 Network Service Discovery (evidence items: 1)
Evidence: scan.js -- Internal infrastructure port scanning
Evidence: jenkins.js -- Jenkins port scan on Docker host

T1082 System Information Discovery (evidence items: 1)
Evidence: [Phase 2] Beacon: hostname, whoami, IP, Node version -> C2

Lateral Movement (1 technique)

T1210 Exploitation of Remote Services (evidence items: 1)
Evidence: pgesc.js: PostgreSQL privilege escalation via dblink

Collection (2 techniques)

T1213 Data from Information Repositories (evidence items: 1)
Evidence: [Phase 6] Redis raw TCP: INFO, DBSIZE, KEYS *
Evidence: [Phase 10] Strapi admin DB query attempt (knex/database.js)

T1557 Adversary-in-the-Middle (evidence items: 1)
Evidence: es_intercept.js -- TLS MITM proxy for Elasticsearch with self-signed cert + /etc/hosts poisoning

Command and Control (1 technique)

T1071.001 Web Protocols (evidence items: 1)
Evidence: Transport: Plain HTTP POST to http://144.31.107.231:9999/c2/{agent_id}/{phase}
Evidence: Polling: 5-second intervals, 60 rounds per session

Exfiltration (1 technique)

T1041 Exfiltration Over C2 Channel (evidence items: 1)
Evidence: All data exfiltrated via HTTP POST to C2:9999
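A hunt for the polling pattern the summary and the Command and Control row describe (plain-HTTP POSTs to /c2/{agent_id}/{phase} at roughly 5-second intervals), as an added example that is not part of the Breakglass report or the Mallory page. The proxy log format, the sample lines, and the thresholds (interval, tolerance, min_rounds) are constructed assumptions; adapt parse_line() to your own proxy's format. The detector keys on the path shape and the timing, not on the reported IP, so it also flags the same loop against a different C2 host.

```python
import re
from collections import defaultdict
from statistics import median
from urllib.parse import urlsplit

# Beacon path shape reported for this family: /c2/{agent_id}/{phase}
C2_PATH = re.compile(r"^/c2/(?P<agent>[^/]+)/(?P<phase>[^/]+)$")
# Constructed sample (not real telemetry), "epoch src method url status":
# five polls of one agent ~5 s apart, benign traffic, and one lone /c2/ hit.
SAMPLE_LOG = """\
1712112000.000 10.0.0.7 POST http://144.31.107.231:9999/c2/a1b2c3/2 200
1712112005.010 10.0.0.7 POST http://144.31.107.231:9999/c2/a1b2c3/3 200
1712112010.020 10.0.0.7 POST http://144.31.107.231:9999/c2/a1b2c3/4 200
1712112015.000 10.0.0.7 POST http://144.31.107.231:9999/c2/a1b2c3/5 200
1712112020.030 10.0.0.7 POST http://144.31.107.231:9999/c2/a1b2c3/6 200
1712112001.000 10.0.0.9 GET http://registry.npmjs.org/strapi-plugin-seo 200
1712112002.000 10.0.0.9 POST http://10.0.0.50:9999/c2/zz99/1 200
"""

def parse_line(line):
    """Split one constructed proxy log line; returns None when malformed."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, method, url, _status = parts
    u = urlsplit(url)
    return {"ts": float(ts), "src": src, "method": method,
            "dst": u.netloc, "path": u.path}

def find_beacons(lines, interval=5.0, tolerance=1.0, min_rounds=4):
    """Return (src, dst, agent_id, rounds, median_gap) for /c2/ POST sessions
    whose median gap is within `tolerance` of `interval` s (thresholds assumed)."""
    sessions = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if not rec or rec["method"] != "POST":
            continue
        m = C2_PATH.match(rec["path"])
        if m:
            sessions[(rec["src"], rec["dst"], m["agent"])].append(rec["ts"])
    findings = []
    for (src, dst, agent), stamps in sessions.items():
        stamps.sort()
        if len(stamps) < max(min_rounds, 2):
            continue  # a lone hit has no gap to measure and is not a loop
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        gap = median(gaps)
        if abs(gap - interval) <= tolerance:
            findings.append((src, dst, agent, len(stamps), round(gap, 2)))
    return findings
```

Tune `interval` to the reported 5 seconds and `min_rounds` well below the reported 60 so that a session cut short by a restart is still surfaced.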

INDICATORS OF COMPROMISE

IOCs tracked for this family

10 indicators attributed across vendor reports, sandbox runs, and researcher write-ups. Full values are available in Mallory.

Network (2 tracked): IPs, domains, and DNS infrastructure linked to this family.
Hashes (6 tracked): file hashes (MD5, SHA-1, SHA-256) from samples and reports.
Other (2 tracked): other indicator types observed in public reporting.

Type          Value                       Latest sighting
ip.v4         (redacted on this page)     3 months ago
hash.sha1     (redacted on this page)     3 months ago
hash.sha256   (redacted on this page)     3 months ago
hash.sha256   (redacted on this page)     3 months ago
uri           (redacted on this page)     3 months ago
uri           (redacted on this page)     3 months ago