Malicious Packages Found in NPM Package Registry
Malicious Packages Aim to Steal Developer Info
Cybersecurity researchers have been playing a heated game of hide and seek—and they’re currently “it.” A new set of malicious packages has surfaced on the npm package registry. Their fun little game? Stealing sensitive developer information. These crafty packages are the equivalent of dodgy dice in a board game, except this game isn’t about winning Monopoly money but nabbing confidential data.
Phylum Unearths and Tracks Malicious Packages
Phylum, a software supply chain firm with the detecting prowess of Sherlock Holmes, first discovered these “test” packages on July 31, 2023. But these packages weren’t sitting pretty with ‘Best Before’ tags, oh no. They were upping their game, showcasing increasing functionality and refinement, much like a caterpillar’s metamorphosis into a butterfly…except, in this case, it’s a sneaky, deceptive butterfly.
The Ol’ Switcharoo: Malicious Packages Reuploaded
But the chase didn’t end there! After they were removed, these sneaky packages went through a costume change, reappearing under different names. Sneakier than a father clad in camo playing hide and seek, the cunning coders behind them reuploaded these nefarious parcels just when we thought they’d been dealt with.
To summarize this ‘whodunit’ mystery: Cybersecurity researchers discovered these mischievous packages on the npm package registry. The objective of these digital gremlins? Stealing developers’ sensitive information. First unearthed by Phylum on July 31, 2023, these packages displayed a growing sophistication, like an adversary leveling up in a video game. After being booted out, they came back under new identities, much like a digital version of Clark Kent turning into Superman. The only difference here is that these aren’t heroes saving the day—they’re online villains looking to snatch your data.
Original Article: https://thehackernews.com/2023/08/malicious-npm-packages-found.html