Malicious NuGet Packages Unleash Time-Delayed Sabotage on .NET Libraries
Researchers at Socket have uncovered a sophisticated supply-chain attack involving nine malicious NuGet packages that embed time-delayed sabotage code within legitimate .NET libraries. Downloaded a total of 9,488 times prior to their disclosure, these packages employ hidden triggers to terminate host processes and, in one instance, corrupt operations in industrial control systems.
Understanding the Attack
The malicious packages were published under the alias shanhai666 between 2023 and 2024. Each package offers genuine functionality to build trust and evade initial scrutiny, while containing approximately 20 lines of harmful code. The attacker exploits C# extension methods, such as .Exec() for executing database commands and .BeginTran() for S7 PLC clients. This design ensures that every database query or PLC operation inadvertently triggers the embedded sabotage logic.
Once a pre-defined (in some packages, encrypted) activation date has passed, the code draws a random number and, depending on the result, calls Process.GetCurrentProcess().Kill(), which abruptly halts the host application. Activation dates for some packages are staggered, extending into 2027 and 2028, giving the actor a prolonged window to compromise systems before detection occurs.
The most dangerous of these packages, Sharp7Extend, features two sabotage modes: an immediate probabilistic process-kill for every PLC operation (active until June 6, 2028), and a deferred write-failure mechanism that silently returns failed results for up to 80% of write attempts after a 30 to 90-minute grace period. This latter behavior can corrupt PLC writes without obvious error messages, leading to actuator non-responses and failed safety engagements, ultimately mimicking intermittent hardware failures rather than a deliberate attack.
Challenges in Detection
Several factors contribute to the difficulty in detecting these malicious packages. The vast majority of the code is legitimate and functional, allowing it to pass standard testing and code reviews. Additionally, typosquatting tactics—such as naming the packages similarly to legitimate ones (e.g., Sharp7 versus Sharp7Extend)—increase the likelihood of accidental installations in operational technology (OT) environments. The inclusion of genuine libraries also obscures potential red flags during the integration testing phase.
Furthermore, the randomized and probabilistic nature of the activation disguises systematic interferences as random failures. The significant delays between installation and activation disrupt forensic timelines, making it challenging to identify impacts until it is too late. The attacker has also varied author metadata and forged signature artifacts, complicating automated detection efforts.
To defend against this NuGet campaign, immediate and long-term strategies are essential for building supply chain resilience. Organizations should audit their dependencies now, inventorying .NET packages to remove or replace any of the nine identified malicious packages without delay.
Implementing stringent dependency hygiene is crucial. This includes requiring verified publisher metadata, denying typosquatted names, and restricting package sources to approved registries. Additionally, integrating Software Bill of Materials (SBOM) checks and static analysis within Continuous Integration/Continuous Deployment (CI/CD) pipelines can help flag time-based logic, unusual extension methods, or obfuscated trigger code.
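One way to give a CI pipeline the static check described above, as an added example that is not from the article or from Socket: a small Python scanner that locates C# extension methods and reports which of the campaign's three indicators (a wall-clock date gate, a random draw, a self-kill) appear together in a method body. The regexes and the C# fixture are this example's own assumptions.

```python
import re

# Indicators from the write-up (date gate, random draw, self-kill); regexes are assumptions.
INDICATORS = {
    "date_check": re.compile(r"DateTime\.(?:Now|UtcNow)\s*[<>]=?"),
    "random_draw": re.compile(r"new\s+Random\s*\(|\.Next\s*\("),
    "process_kill": re.compile(r"Process\.GetCurrentProcess\(\)\s*\.Kill\s*\("),
}
# A C# extension method is a static method whose first parameter is marked `this`.
EXT_METHOD = re.compile(r"static\s+[\w<>\[\],\s]+?\s+(\w+)\s*\(\s*this\s")

# Constructed fixture shaped like the pattern the article describes; the date and
# the 20% trigger chance are placeholders, not values taken from the packages.
SAMPLE = """
public static class DbExtensions
{
    public static int Exec(this IDbCommand cmd)
    {
        if (DateTime.Now > new DateTime(2099, 1, 1) && new Random().Next(100) < 20)
        {
            Process.GetCurrentProcess().Kill();
        }
        return cmd.ExecuteNonQuery();
    }
}
"""

def _method_body(text, start):
    """Return the brace-delimited block that begins at the first '{' after start."""
    open_idx = text.find("{", start)
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[open_idx:i + 1]
    return text[open_idx:]

def scan_extension_methods(source):
    """Map each extension method name to the indicator names found in its body."""
    findings = {}
    for m in EXT_METHOD.finditer(source):
        body = _method_body(source, m.end())
        findings[m.group(1)] = {n for n, rx in INDICATORS.items() if rx.search(body)}
    return findings

def flag_suspicious(source):
    """Extension methods that pair a self-kill with a time or random gate."""
    return sorted(name for name, hits in scan_extension_methods(source).items()
                  if "process_kill" in hits and hits & {"date_check", "random_draw"})
```

Run it over the decompiled or vendored source of each third-party package; a hit is a review prompt, not a verdict, since legitimate code can use any one of these calls on its own.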
Monitoring for probabilistic and time-based logic is also vital. Organizations should set up alerts for date checks, randomized control flows, and unusual uses of Process.Kill() and extension methods in dependencies. For those in industrial environments, validating the integrity of Industrial Control Systems (ICS) is critical. This can be achieved by implementing write-verification for PLC commands, establishing baseline PLC success rates, and monitoring for sudden drops in write confirmations.
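The PLC write-verification and baseline-rate monitoring described above, as an added example that is not from the article or from any PLC vendor: a read-back check for each write plus a monitor that learns the normal confirmation rate and alerts when a recent window drops well below it, exercised on a constructed scenario that mirrors the 80% failure rate reported for Sharp7Extend. The write and read callables, window sizes and thresholds are this example's assumptions.

```python
import random
from collections import deque

def verified_write(write, read, address, value):
    """Issue a PLC write, then read the address back; True only if the value landed.
    `write` and `read` are assumed callables, not a real PLC client API."""
    write(address, value)
    return read(address) == value

class WriteRateMonitor:
    """Learn the normal write-confirmation rate, then alert when a recent window
    falls more than max_drop below it (e.g. 99% healthy vs. 20% under sabotage)."""
    def __init__(self, learn_count=200, window=50, max_drop=0.25):
        self.learn_count, self.window, self.max_drop = learn_count, window, max_drop
        self.learn_hits = self.learn_total = 0
        self.recent = deque(maxlen=window)
        self.baseline = None

    def record(self, ok):
        """Feed one confirmed (True) or unconfirmed (False) write; True when alerting."""
        if self.baseline is None:
            self.learn_total += 1
            self.learn_hits += int(ok)
            if self.learn_total == self.learn_count:
                self.baseline = self.learn_hits / self.learn_total
            return False
        self.recent.append(ok)
        if len(self.recent) < self.window:
            return False
        return sum(self.recent) / len(self.recent) < self.baseline - self.max_drop

def simulate(seed=1, onset=400, total=600):
    """Constructed scenario: 99% confirmations, then 80% silent failures from `onset`,
    the rate the article gives for Sharp7Extend. Returns the write index that alerted."""
    rng = random.Random(seed)
    mon = WriteRateMonitor()
    for i in range(total):
        ok = rng.random() < (0.99 if i < onset else 0.20)
        if mon.record(ok):
            return i
    return None
```

Feeding the monitor with read-back results rather than the library's own return codes is what makes it independent of the compromised package's reporting.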
Finally, strengthening supply chain policies is essential. Organizations should enforce the principle of least privilege for package installations, require thorough code reviews for third-party libraries, and apply strict change control measures for OT components.
By adopting these practices, organizations can bolster their software supply chains and mitigate the risks associated with hidden malicious logic. This campaign serves as a stark reminder of how supply chain attacks can exploit trusted code and time delays to inflict significant damage while remaining under the radar.