Destructive malware available in NPM repo went unnoticed for 2 years
a year ago
- #npm
- #cybersecurity
- #malware
- Malicious software received over 6,000 downloads from the NPM repository in two years.
- Eight packages mimicked legitimate ones, containing destructive payloads to corrupt/delete data and crash systems.
- Packages were available for more than two years and had around 6,200 downloads.
- Attack vectors included data corruption, system shutdowns, and file deletion.
- Targeted parts of the JavaScript ecosystem with varied tactics.
- Tactics included deleting Vue.js files, corrupting core JavaScript functions, and breaking browser storage mechanisms.
- Multi-Phase System Attacks deleted Vue.js files and forced system shutdowns.