Hundreds of malware-laden fake npm packages posted online to try and trick developers

Trending 1 day ago
  1. Home
  2. Technology
  3. Hundreds of malware-laden fake npm packages posted online to try and trick developers
Zero-day attack
(Image credit: Shutterstock) (Image credit: Shutterstock.com)
  • Criminals are adding hundreds of malicious packages to npm
  • The packages effort to fetch a stage-two payload to infect nan machines
  • The crooks went to lengths to hide wherever they big nan malware

Software developers, particularly those moving pinch cryptocurrencies, are erstwhile again facing a proviso concatenation onslaught via open source codification repositories.

Cybersecurity researchers from Phylum person warned a threat character has uploaded hundreds of malicious packages to nan unfastened root package repository npm. The packages are typosquatted versions of Puppeteer and Bignum.js. Developers who are successful request of these packages for their products, mightiness extremity up downloading nan incorrect type by mistake, since they each travel pinch akin names.

If used, nan package will link to a hidden server, fetch nan malicious second-stage payload, and infect nan developers’ computers. “The binary shipped to nan instrumentality is simply a packed Vercel package,” nan researchers explained.

Hiding nan IP address

Furthermore, nan attackers wanted to execute thing other during package installation, but since nan record wasn’t included successful nan package, nan researchers couldn’t analyse it. “An evident oversight by nan malicious package author,” they say.

What makes this run guidelines retired from different akin typosquatting proviso concatenation campaigns is nan lengths nan crooks went to hide nan servers they controlled.

“Out of necessity, malware authors person had to endeavor to find much caller ways to hide intent and to obfuscate distant servers nether their control,” nan researchers said. “This is, erstwhile again, a persistent reminder that proviso concatenation attacks are live and well.”

The IP cannot beryllium seen successful nan first-stage code. Instead, nan codification will first entree an Ethereum smart contract, wherever nan IP is stored. This ended up being a double-edged sword, since nan blockchain is imperishable and immutable, and frankincense allowed nan researchers to observe each of nan IP addresses nan crooks ever used.

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

Since nan targets are developers moving pinch cryptocurrency, nan extremity was astir apt to bargain their seed phrases, and summation entree to their wallets.

Software developers, peculiarly those moving successful nan Web3 space, are often targets of specified attacks. Therefore, double-checking nan names of each downloaded packages is simply a must.

Via Ars Technica

You mightiness besides like

  • Hackers target DocuSign pinch caller phishing threat — watch out, you could beryllium signing your information away
  • Here's a database of nan best firewalls today
  • These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

More
Source Technology
Technology

Related Article

Nikon reveals the Z50 II – a modest update of its hobbyist mirrorless camera with an identity crisis

Nikon reveals the Z50 II – a modest update of its hobbyist mirrorless camera with an identity crisis

2 hours ago
Kia shows off new off-road EV concepts and they look like the perfect apocalypse escape rides

Kia shows off new off-road EV concepts and they look like the perfect apocalypse escape rides

4 hours ago
NYT Strands today — hints, answers and spangram for Thursday, November 7 (game #249)

NYT Strands today — hints, answers and spangram for Thursday, November 7 (game #249)

7 hours ago

Popular Article

Soundcore’s newest clip-style earbuds focus on comfort

Soundcore’s newest clip-style earbuds focus on comfort

2 weeks ago
Better than Black Friday: shop record-low prices on Samsung TVs at Best Buy

Better than Black Friday: shop record-low prices on Samsung TVs at Best Buy

2 weeks ago
AirPods Pro 2's hearing health features will arrive as a software update starting next week

AirPods Pro 2's hearing health features will arrive as a software update starting next week

2 weeks ago
The best budget laptops for 2024

The best budget laptops for 2024

2 weeks ago
The iPhone SE might serve an unexpected surprise next year

The iPhone SE might serve an unexpected surprise next year

2 weeks ago
English (US) English (US) · Indonesian (ID) Indonesian (ID) ·
About Us · Contact Us · Terms & Conditions ·

©2024 Latest Tech News.
All Rights Reserved.