Malicious Packages Disguised as JavaScript Libraries Found

From govinfosecurity.com

Researchers at open-source software firm Sonatype have uncovered multiple malicious packages that disguise themselves as legitimate JavaScript libraries on npm registries to launch cryptominers on Windows, macOS and Linux machines.

An npm registry is a database of JavaScript packages, comprising software and metadata that are used by open-source developers to support JavaScript code sharing.

The researchers reported the malicious packages to npm on Oct. 15, 2021, and npm took them down within hours of their release, the report says.

The researchers at Sonatype have attributed the ownership of the malicious packages to an author whose account is currently deactivated, the report notes.