DIRECTORY

  • Alerts
  • APTs
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Definitions
  • Domains
  • Entertainment
  • FAQ
  • Frameworks
  • Hardware Tools
  • Incidents
  • Malware
  • News
  • Papers
  • Podcasts
  • Quotes
  • Reports
  • Tools
  • Threats
  • Tutorials
No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
Talk To An Expert
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
Talk To An Expert
CyberMaterial
Home Alerts

NPM Packages Exfiltrate Sensitive Data

August 7, 2023
Reading Time: 2 mins read
in Alerts

Researchers have identified a concerning development in the cybersecurity landscape, uncovering a collection of malicious packages within the npm package manager.

These packages, discovered on July 31, 2023, were designed with the ability to exfiltrate sensitive developer data, including confidential source code. All ten packages were attributed to the same npm user, malikrukd4732, and share a common structure with three files each. The malicious code is executed through JavaScript within the “index.js” module, operating within a complex framework that utilizes pre-install and post-install hooks for execution.

Upon closer examination, the code initiates processes to gather critical information from infected systems, such as the current operating system username and working directory. The malware then conducts systematic searches across directories for specific file extensions or locations.

Once identified, the script creates ZIP archives of these directories and makes attempts to transmit them to a remote FTP server. The sensitive nature of the files and directories targeted by the malware raises concerns, as they may contain developers’ credentials and vital data pertaining to various applications and services.

The researchers speculate that these malicious packages are part of a targeted campaign aimed at cryptocurrency sector developers. Although the specific purpose of the attack remains unclear, potential associations with entities like CryptoRocket and Binarium indicate a focus on financial and cryptocurrency markets. This incident highlights the importance of maintaining a high level of trust in software dependencies and the need for vigilance within the developer community. Additionally, organizations are advised to scrutinize the packages used by their development teams for anomalies, ensuring their security against potential threats.

Source:
  • Targeted npm Malware Attempts to Steal Company Source Code and Secrets
Tags: AlertsAlerts 2023August 2023CyberattackCybersecurityNPM packageSensitive dataVulnerabilities
24
VIEWS
ADVERTISEMENT

Related Posts

Evolving Threat of BunnyLoader

Evolving Threat of BunnyLoader

October 2, 2023
ASMCrypt Unveils a New Malware Loader Threat

ASMCrypt Unveils a New Malware Loader Threat

October 2, 2023
FBI Warns of Dual Ransomware Threat

FBI Warns of Dual Ransomware Threat

October 2, 2023
Bing Chatbots Vulnerable to Malware

Bing Chatbots Vulnerable to Malware

October 2, 2023

More Articles

Incidents

IT Services Provider Hit by Donut Gang

September 22, 2023
Incidents

Ransomware Group LostTrust’s Rapid Attacks

September 28, 2023
Incidents

APT IRAN Claims 4TB Data Access

September 28, 2023
Incidents

Baruch College Malware Incident Update

September 29, 2023

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Alerts
  • Incidents
  • News
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
    • Tutorials
  • Report Cyber Incident
  • GET HELP
  • Contact Us

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.