Introduction to Malware Binary Triage (IMBT) Course
Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor.
Enroll Now and Save 10%: Coupon Code MWNEWS10
Note: Affiliate link – your enrollment helps support this platform at no extra cost to you.
The legitimate ESLint packages on the npmjs.com registry are called "typescript-eslint" and "@typescript-eslint/eslint-plugin." This has unscrupulous actors publishing a typosquat named "@typescript_eslinter/eslint" that very closely resembles the names of the real libraries, but is up to no good. The counterfeit component has been downloaded thousands of times. Similarly, attacks impersonated another popular npm package "@types/node" with its counterfeit version having scored 6,765 weekly downloads with 20,502 downloads over the course of its lifetime.
Sonatype's 2024 Open Source Malware report highlights that 98.5% of all open source malware discovered by us was published in the npmjs.com registry, which remains a prominent choice among threat actors looking to push their malicious artifacts downstream to millions.
Article Link: Counterfeit ESLint and Node 'types' libraries downloaded thousands of times abuse Pastebin