Suspicious NuGet package grabs data from industrial systems

A recent scan by ReversingLabs of the open source package manager NuGet uncovered a suspicious package, SqzrFramework480, that may be targeting developers working with technology made by a China-based firm that does industrial- and digital equipment manufacturing. In this blog post, we'll describe what we found and offer analysis of what might be behind this curious NuGet package. 

Industrial and political espionage have long been drivers of malicious cyber campaigns. By infiltrating sensitive corporate and government networks, malicious state-backed …

analysis blog blog post china data developers digital equipment found industrial industrial systems manager manufacturing may nuget offer open source package package manager reversinglabs scan systems targeting technology uncovered working