
Revoking Credentials Triggers Physical Liquidation Instead? TanStack Crypto-stealing Worm Open Sourced, Contains Unrecoverable Kill Switch

According to NetBreake monitoring, the hacker group TeamPCP behind the npm supply chain poisoning attack has open-sourced the full code of the implicated worm, Mini Shai-Hulud, on GitHub under the MIT license. Security researchers discovered from the code that this malware includes a "dead man's switch": if the compromised developer revokes the stolen GitHub or cloud credentials without first thoroughly removing all related files, the switch triggers and immediately wipes the entire home directory on the victim's computer.

Researchers have confirmed that the worm installs a background daemon on macOS or Linux that checks every minute whether the stolen credentials are still valid. When the server rejects the credentials (indicating the victim has rotated the keys), the worm promptly invokes the system-level shred command to irreversibly overwrite all writable files in the current user's home directory.

This directly undermines the typical security response process: in the event of credential compromise, an enterprise's usual first response is to revoke the keys immediately. However, in this attack, doing so would trigger the destruction of local data. Currently, the worm has been found to infect nearly 400 versions across more than 170 packages, including TanStack, UiPath, and Mistral AI. After the hacker, under the account name PedroTortoriello, openly shared the code and mocked the "open-source slaughter," third parties even submitted pull requests to add FreeBSD support. Microsoft has promptly banned the account and removed all GitHub repositories and forks, but the leaked source code continues to circulate through other channels.
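Because revoking first is what triggers the wipe, responders need a check to run before rotation. The script below is an added example, not code from the worm, the researchers, or any vendor; it assumes the daemon persists through a standard per-user mechanism (systemd user unit, launchd LaunchAgent, or crontab), which the report does not specify, and all function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-rotation triage for the behaviour described above
# (a per-minute background job that ends in a call to shred).
# Assumption: persistence lives in a standard per-user location. The report
# does not name the mechanism, so a clean result is NOT proof of absence.

# Print every file under the given directories that mentions "shred".
# Scripts referenced by a unit or plist are not followed; review hits by hand.
find_shred_refs() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        # -r recurse, -l file names only, -w match "shred" as a whole word
        grep -rlw -- 'shred' "$dir" 2>/dev/null || true
    done
    return 0
}

# Read crontab text on stdin and print only entries scheduled every minute
# ("* * * * *" or "*/1 * * * *"). Comment lines never match.
every_minute_jobs() {
    grep -E '^[[:space:]]*(\*|\*/1)[[:space:]]+\*[[:space:]]+\*[[:space:]]+\*[[:space:]]+\*[[:space:]]' || true
}

# Check one home directory (default: $HOME). Returns 1 when rotation
# should be held until the listed files have been reviewed and removed.
triage() {
    home=${1:-$HOME}
    hits=$(find_shred_refs \
        "$home/.config/systemd/user" \
        "$home/Library/LaunchAgents")
    if [ -n "$hits" ]; then
        printf 'HOLD rotation, review these first:\n%s\n' "$hits"
        return 1
    fi
    printf 'no shred references in user persistence dirs under %s\n' "$home"
    return 0
}
```

Run `triage` and `crontab -l | every_minute_jobs` on the affected account before revoking anything; a back-up of the home directory taken first limits the damage if something was missed.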
