On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- U.S Charges Two Iranian Hackers for SamSam Ransomware Attacks
November 28, 2018
The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer hacking and fraud charges, the indictmentunsealed today at New Jersey court revealed. The duo used SamSam ransomware to ...
- Dell announces security breach
November 28, 2018
US-based hardware giant Dell announced today a security breach that took place earlier this month, on November 9. Dell says it detected an unauthorized intruder (or intruders) “attempting to extract Dell.com customer information” from its systems, such as customer names, email addresses, and hashed passwords. The company didn’t go into details about the complexity of the ...
- Mobile Rotexy Malware Touts Ransomware, Banking Trojan Functions
November 26, 2018
A mobile malware has accelerated its activity in 2018, launching more than 70k attacks in August through October. Mobile malware, dubbed Rotexy, has evolved from being spyware to now a dangerous banking trojan packing a host of new clever features. Researchers report 70,000 attacks between August and October with targets primarily based in Russia. In a technical brief released ...
- Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
November 23, 2018
Ukrainian police have arrested a 42-old-man on charges of infecting over 2,000 users across 50 countries with the DarkComet remote access trojan (RAT). The man was arrested this week after police executed a search warrant at his residence in the city of Lviv, in Western Ukraine. In a press release published today, Ukrainian police said they found ...
- L0rdix becomes the new Swiss Army knife of Windows hacking
November 21, 2018
A new hacking tool making the rounds in underground forums has been deemed the latest “go-to” universal offering for attackers targeting Microsoft Windows PCs. The software is called L0rdix and according to cybersecurity researchers from enSilo is “aimed at infecting Windows-based machines, combines stealing and cryptocurrency mining methods, can avoid malware analysis tools.” In a blog ...
- Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
November 20, 2018
After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees. In early October, Emotet activity dropped off the radar, only to come back towards the end of the month with a new plugin that exfiltrates email subjects and 16KB ...