Malicious NuGet packages abuse MSBuild to install malware


Level 44
Thread author
Top Poster
Nov 10, 2017
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily.

NuGet is an open-source package manager and software distribution system, enabling developers to download and include ready-to-run .NET libraries for their projects.

Threat actors who target software distribution systems like npm and PyPI have recently shown interest in NuGet, which predominantly targets Windows users and has become very popular among software developers.

Hiding code with MSBuild:​


About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.