Hundreds of code libraries posted to NPM try to install malware on dev machines

Hundreds of code libraries posted to NPM try to install malware on dev machines

Briefly

The researchers explained: 'An interesting thing about storing this data on the Ethereum blockchain is that Ethereum stores an immutable history of all values it has ever seen. Thus, we can see every IP address this threat actor has ever used.'

Ars Technicahttps://arstechnica.com/security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/

'This information includes information about the GPU, CPU, the amount of memory on the machine, username, and OS version.' The Phylum researchers detail the method's invasive data collection.

Ars Technicahttps://arstechnica.com/security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/

Attacks like this one rely on typosquatting, a term for the use of names that closely mimic those of legitimate packages but contain small differences, such as those that might occur if the package was inadvertently misspelled.

Ars Technicahttps://arstechnica.com/security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/

'Developers should always double-check names before running downloaded packages.' This advice emphasizes caution amid rising threats from malicious code libraries.

Ars Technicahttps://arstechnica.com/security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/