Just when you thought malware couldn’t get any more mischievous, our digital detectives have cracked open a new case. They’ve discovered some devious culprits nesting in NuGet package manager. These scoundrels are known to be deploying via a method not frequently seen in the digital underworld. It’s like if your dad decided to open a tech company – you’re impressed, but also slightly confused.
On the flip side of this cyber comic book we’ve got our heroes. ReversingLabs, the software supply chain security firm has been on the case, labelling this sneaky behaviour as a coordinated and ongoing attack running since August 1, 2023. It seems these bad guys have been inserting malicious code into our systems longer than dad’s been telling that joke about the light bulb.
Unfurling their detailed investigation, our brave researchers drew a line connecting these deviant packages to a new baddie on the block. They’re delivering a remote access Trojan famously titled Rogue NuGet packages. Yikes! It’s like that moment when you find out the end of dad’s light bulb joke… not the outcome you hoped for.
In the world’s longest-running game of tag, our cybersecurity researchers successfully uncovered a new style of mischief; a set of malicious packages nestled in the NuGet package manager. Software security firm ReversingLabs has been hot on their tracks since August 2023, detailing the ongoing and coordinated campaign from these cyber miscreants. With a plot twist right out of a tech thriller, it seems these rogue packages are the deliverymen for a new Trojan Horse called – drumroll, please – Rogue NuGet. Yet another reason to keep updating that antivirus software, folks!
Original Article: https://thehackernews.com/2023/10/malicious-nuget-packages-caught.html
No products in the cart.