Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers
Oct 03, 2023
Software Security / Hacking
Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data from developer systems, according to findings from Fortinet FortiGuard Labs. One set of packages – named @expue/webpack, @expue/core, @expue/vue3-renderer, @fixedwidthtable/fixedwidthtable, and @virtualsearchtable/virtualsearchtable – harbored an obfuscated JavaScript file that's capable of gathering valuable secrets. This includes Kubernetes configurations, SSH keys, and system metadata such as username, IP address, and hostname. The cybersecurity firm said it also discovered another collection of four modules, i.e., binarium-crm, career-service-client-0.1.6, hh-dep-monitoring, and orbitplate, which results in the unauthorized extraction of source code and configuration files. "The targeted files and directories may contain highly valuable intellectual property and sensitive information, such as various application and service credent