Malware Report
Title
Sophisticated, Highly-Targeted Attacks Continue to Plague npm
Report Author
Phylum Research Team
Published At
1691730000000
Updated At
1691730000000
Description
Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm. Background On August 9, 2023 Phylum’s
Malware Packages (3)
The following malware packages were identified in this report.
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |
|---|---|---|---|---|---|
| NPM Module | pingan-vue-floating | 0.0.7 | Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm. | ||
| NPM Module | srm-front-util | 1.0.0 | Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm. | ||
| NPM Module | ws-paso-jssdk | 1.0.0 | Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm. | ||
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |