Malware Package

Package Type
NPM Module
Name
assets-graph
Versions
1.0.0
Identified At
1687496400000
Description
On June 11, Phylum’s automated risk detection platform alerted us to a peculiar pattern of publications on NPM. The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources which are subsequently decoded and/or executed. At the time of this

Identified Reports (1)

This malware package was identified on the following reports.

Report URL Published At Author Description
Phylum Discovers Sophisticated Ongoing Attack on NPM https://blog.phylum.io/sophisticated-ongoing-attack-discovered-on-npm/ 1687496400000 Phylum Research Team On June 11, Phylum’s automated risk detection platform alerted us to a peculiar pattern of publications on NPM. The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources which are subsequently decoded and/or executed. At the time of this
Report External URL Published At Author Description

Related Malware Packages (26)

The following malware packages were identified in the same report as this one.

Package Type Name Attack Strategy Package Author Versions
NPM Module assets-table 1.0.0
NPM Module audit-ejs 1.7.2
NPM Module audit-vue 1.6.2
NPM Module btc-web3 1.0.1
NPM Module cache-react 1.0.2
NPM Module cache-vue 1.0.1, 1.0.2
NPM Module chart-tablejs 1.0.1
NPM Module chart-vxe 0.0.9
NPM Module couchcache-audit 1.1.2
NPM Module ejs-audit 1.7.2
NPM Module elliptic-helper 1.2.7
NPM Module elliptic-parser 1.2.7
NPM Module jpeg-metadata 1.5.1
NPM Module other-web3 1.0.1
NPM Module price-fetch 0.0.9
NPM Module price-record 0.0.9
NPM Module snykaudit-helper 4.1.1, 4.1.2
NPM Module sync-http-api 6.1.0, 6.1.1
NPM Module sync-https-api 6.1.1
NPM Module tslib-react 1.7.1
NPM Module tslib-tool 1.6.1
NPM Module tslib-util 1.6.2
NPM Module ttf-metadata 1.5.2
NPM Module vue-audit 1.6.2
NPM Module vue-gws 0.0.1
NPM Module vuewjs 1.0.1