Malware Package
Package Type
NPM Module
Name
srm-front-util
Versions
1.0.0
Identified At
1691730000000
Description
Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm.
Identified Reports (2)
This malware package was identified on the following reports.
| Report | URL | Published At | Author | Description |
|---|---|---|---|---|
| Sophisticated, Highly-Targeted Attacks Continue to Plague npm | https://blog.phylum.io/sophisticated-highly-targeted-attacks-continue-to-plague-npm/?ref=software-supply-chain-attack-research-newsletter | 1691730000000 | Phylum Research Team | Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm. Background On August 9, 2023 Phylum’s |
| North Korean Hackers Suspected in New Wave of Malicious npm Packages | https://thehackernews.com/2023/08/north-korean-hackers-suspected-in-new.html | 1692075600000 | Nine npm packages uploaded between Aug 9-12, 2023 have caught the attention of security experts. | |
| Report | External URL | Published At | Author | Description |
Related Malware Packages (8)
The following malware packages were identified in the same report as this one.
| Package Type | Name | Attack Strategy | Package Author | Versions |
|---|---|---|---|---|
| NPM Module | cloud-room-video | |||
| NPM Module | pingan-vue-floating | 0.0.7 | ||
| NPM Module | progress-player | |||
| NPM Module | ws-paso-jssdk | 1.0.0 | ||
| NPM Module | ynf-core-loader | |||
| NPM Module | ynf-core-renderer | |||
| NPM Module | ynf-dx-scripts | |||
| NPM Module | ynf-dx-webpack-plugins |