Malware Report
Title
NPM packages posing as speed testers install crypto miners instead
Report Author
Bill Toulas
Description
A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors.
Malware Packages (16)
The following malware packages were identified in this report.
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |
|---|---|---|---|---|---|
| NPM Module | lagra | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtesta | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestbom | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestfast | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestgo | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestgod | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestis | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestkas | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtesto | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestrun | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestsolo | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestspa | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestwow | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | speedtestzo | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | trova | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| NPM Module | trovam | trendava | A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. | ||
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |