NPM packages posing as speed testers install crypto miners instead

vtqhtr413

vtqhtr413

Level 27
Thread author
Verified
Top Poster
Well-known
Forum Veteran
Aug 17, 2017
1,280
17,222
2,568
Content source
https://www.bleepingcomputer.com/news/security/npm-packages-posing-as-speed-testers-install-crypto-miners-instead/
A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. The packages were uploaded onto NPM, an online repository containing over 2.2 million open-source JavaScript packages shared among software developers to speed up the coding process. CheckPoint discovered these packages on January 17, 2023, all uploaded to NPM by a user named "trendava." Following the company's report, NPM removed them the following day.
Click to expand...
www.bleepingcomputer.com

NPM packages posing as speed testers install crypto miners instead

A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • +Reputation
  • Like
Reactions: Gandalf_The_Grey, silversurfer, upnorth and 1 other person
You must log in or register to reply here.

You may also like...