npm Malware Map Developer Networks for Supply Chain Attack

Socket’s Threat Research Team has identified a coordinated and ongoing malicious campaign targeting the npm ecosystem, involving at least 60 packages designed to quietly exfiltrate sensitive system information to a threat actor-controlled Discord webhook. What Does it Do? The malicious packages published under three separate npm accounts deploy post-install scripts that activate during npm install … Continued

New backdoor malware exploits PyBitmessage P2P protocol

The AhnLab Security Intelligence Center (ASEC) has discovered a new backdoor malware strain bundled with a Monero cryptocurrency miner. Unlike other malware that uses HTTP or IP-based communication, this malware uses the PyBitmessage library to communicate over a peer-to-peer (P2P) network, encrypting its traffic between endpoints. What is PyBitmessage? Bitmessage is a protocol designed for anonymity … Continued
