Malware Report
Title
Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Report Author
Sep 20, 2023THN
Updated At
1695186000000
Description
Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys.
Malware Packages (17)
The following malware packages were identified in this report.
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |
|---|---|---|---|---|---|
| NPM Module | hardhat-gas-report | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @am-fe/hooks | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @am-fe/provider | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @am-fe/request | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @am-fe/utils | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @am-fe/watermark | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @am-fe/watermark-core | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @dynamic-form-components/mui | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @dynamic-form-components/shineout | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @expue/app | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @fixedwidthtable/fixedwidthtable | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @soc-fe/use | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @spgy/eslint-plugin-spgy-fe | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | @virtualsearchtable/virtualsearchtable | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| Pypi Package | culturestreak | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | gcc-patch | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| NPM Module | shineouts | Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys. | |||
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |