We’ve seen spam campaigns in the open-source ecosystems in the past year, but this month was by far the worst one we’ve seen yet. Apparently, attackers found the unvetted open-source ecosystems to be an easy target for performing SEO poisoning for various malicious campaigns. As long as the name is untaken, they can publish an unlimited number of packages.
Author: AlienVault
Related Tags:
npm
T1195
T1566
AlienVault OTX
AlienVault
Associated Indicators: