Malware Report
Title
Malware Civil War - Malicious npm Packages Targeting Malware Authors
Report Author
JFrog Security Research Team
Published At
1645509600000
Updated At
1668924000000
Description
JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens.
Malware Packages (25)
The following malware packages were identified in this report.
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |
|---|---|---|---|---|---|
| NPM Module | color-self | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | color-self-2 | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | colors-beta | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | crypto-standarts | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | discord-protection | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | discord-selfbot-tools | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | discord.js-aployscript-v11 | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | discord.js-discord-selfbot-v4 | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | discord.js-selfbot-aployed | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | kakakaakaaa11aa | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | lemaaa | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | markedjs | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | mynewpkg | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | noblox.js-addons | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | node-colors-sync | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | purple-bitch | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | purple-bitchs | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | tools-for-discord | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | vera.js | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | wafer-countdown | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | wafer-darla | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | wafer-template | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | wafer-text | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | adv-discord-utility | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| NPM Module | discord.js-selfbot-aployscript | JFrog discovers 25 open-source npm malicious packages, including one that targets malware authors to hijack stolen Discord tokens. | |||
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |