Security researchers at ReversingLabs have discovered that an NPM supply chain attack (aka IconBurst) launched in December 2021 used typosquatting to infect developers looking for very popular packages such as umbrellajs and ionic.io NPM modules, as well as used dozens of malicious NPM packages containing obfuscated Javascript code designed to compromise hundreds of websites and Desktop applications. According to Karlo Zanki, a reverse engineer at ReversingLabs, IconBurst rely on typo-squatting where hackers offer packages in public repositories with names that are similar to/or common misspellings of legitimate packages, as well as similarities between the domains used to exfiltrate system data. Moreover, researchers identified that the attacker can perform attacks through a very similar module naming scheme, by adding malicious packages to their apps or websites that capture serialized form data (such as those used for sign-in). As an example, one of the malicious NPM packages used in this campaign (icon-package) has over 17,000 downloads and is designed to steal serialized form data from attacker-controlled sites. Although NPM removed a few malicious packages from the repository, researchers were still able to detect some IconBurst malicious packages on the NPM registry. Despite compiling a list of malicious packages, researchers could not able to identify its impact and stated that it is still unclear how much data has been stolen through infected apps and websites since December 2021.
Cisco issued a warning about a state-sponsored hacking group exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewal...
Citizen Lab's recent investigation revealed significant security vulnerabilities in various cloud-based pinyin keyboard apps, raising concerns about user privacy risks. Among t...
An unidentified attacker hacked the website of a Czech news service on April 23, 2024, and published a fake story claiming an assassination attempt on Slovakia’s newly elected pr...