all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Typosquatting campaign delivers r77 rootkit via npm

Add to bookmarks
Oct. 4, 2023, 11:10 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news


ReversingLabs researchers have identified a new, malicious supply chain attack affecting the npm platform. The “typosquatting” campaign first appeared in August and pushed a malicious package, node-hide-console-windows, which downloaded a Discord bot that facilitated the planting of an open source rootkit, r77.


This is the first time ReversingLabs researchers have discovered a malicious open source package delivering rootkit functionality, and suggests that open source projects may increasingly be seen as an avenue by which to distribute malware. 


Typosquatting delivers …

attack august bot campaign console discord hide malicious node npm open source package platform researchers reversinglabs rootkit supply supply chain supply chain attack typosquatting windows

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

4 Easy Ways to Find Free Wi-Fi Anywhere You Go 23 minutes ago | malware.news
can challenge coffee easy +10
AI's Offensive & Defensive Impacts an hour ago | malware.news
alto blog cybersecurity defensive +11
Cyberattack against United Russia claimed by Ukraine 2 hours ago | malware.news
attack cyberattack distributed initiative +14
US jails former NSA employee for attempting secret sale to Russia 2 hours ago | malware.news
agency article confidential defense +25
Better identity threat detection sought by new Semperis ML-based tool 2 hours ago | malware.news
and response article detection detection and response +27
Red Hat's latest enterprise Linux delivers new features to tackle hybrid-cloud complexity 3 hours ago | malware.news
addition article cloud complexity +13
NASA doesn't know if its spacecraft have adequate cyber defenses, GAO warns 3 hours ago | malware.news
agency article best practices cyber +11
US warns of Russian hackers targeting operational technology in water systems 4 hours ago | malware.news
advisory breached hackers official +10
Senators grill UnitedHealth CEO on Change Healthcare cyberattack 4 hours ago | malware.news
article ceo change change healthcare +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs