Malware Report
Title
North Korean Hackers Suspected in New Wave of Malicious npm Packages
Published At
1692075600000
Updated At
1692248400000
Description
Nine npm packages uploaded between Aug 9-12, 2023 have caught the attention of security experts.
Malware Packages (9)
The following malware packages were identified in this report.
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |
|---|---|---|---|---|---|
| NPM Module | pingan-vue-floating | 0.0.7 | Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm. | ||
| NPM Module | srm-front-util | 1.0.0 | Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm. | ||
| NPM Module | ws-paso-jssdk | 1.0.0 | Phylum excels at detecting and blocking software supply-chain attacks on developers and their organizations. In June, we were the first to identify North Korean state actors conducting campaigns against npm developers. Today, we unveil another targeted campaign with similar behaviors, again targeting npm. | ||
| NPM Module | cloud-room-video | ||||
| NPM Module | progress-player | ||||
| NPM Module | ynf-core-loader | ||||
| NPM Module | ynf-core-renderer | ||||
| NPM Module | ynf-dx-scripts | ||||
| NPM Module | ynf-dx-webpack-plugins | ||||
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |