Destructive NPM Packages Disguised as Utilities Enable Remote System Wipe
Researchers have discovered two malicious NPM packages that register hidden HTTP endpoints to delete all files on command. The packages masquerade as legitimate utilities while implementing backdoors designed to destroy production systems.
You can get more details on this rather nasty malware here: https://socket.dev/blog/destructive-npm-packages-enable-remote-system-wipe
Jim Routh, Chief Trust Officer at Saviynt, commented:
“This is a case of a software supply chain compromise using malware designed to appear to be benign that then activates a back door once it is embedded. The key for enterprises is to improve the identity access management for everyone with access to the software build process including employees and contractors.”
This pretty much highlights why you need to sanity check anything and everything that goes into software so that you don’t become an unwitting transit mechanism for this type of attack.
Fun times.
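One way to start the sanity check described above, as an added example that is not from the original post or from Socket's research: a Node.js triage script that flags dependency files which both register an HTTP handler and perform a recursive delete. The regular expressions and the sample strings are assumptions constructed for illustration, not indicators taken from the reported packages.

```javascript
// Heuristic triage for installed dependencies (added example, not a full malware scanner).
// The patterns are illustrative assumptions, not indicators from the reported packages.
const ROUTE = /\b(?:app|router|server)\s*\.\s*(?:get|post|put|delete|all|use)\s*\(|\bcreateServer\s*\(/;
const DESTRUCTIVE = [
  [/\b(?:rm|rmdir)(?:Sync)?\s*\([^)]*recursive\s*:\s*true/, 'recursive fs delete'],
  [/\b(?:exec|execSync|spawn|spawnSync)\s*\(\s*['"`][^'"`]*\brm\s+-\w*r/, 'shell rm -r'],
];

// Flag a source file only when it BOTH registers an HTTP handler AND deletes recursively.
// Either signal alone is common in legitimate code (web servers, build clean-up scripts).
function scanSource(text) {
  const route = ROUTE.test(text);
  const destructive = DESTRUCTIVE.filter(([re]) => re.test(text)).map(([, label]) => label);
  return { route, destructive, suspicious: route && destructive.length > 0 };
}

// Walk a directory such as ./node_modules and return the files worth manual review.
// Dynamic import keeps the function usable from both CommonJS and ES modules.
async function scanTree(root) {
  const fs = await import('node:fs');
  const path = await import('node:path');
  const hits = [];
  const stack = [root];
  while (stack.length) {
    const dir = stack.pop();
    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
      const full = path.join(dir, entry.name);
      if (entry.isDirectory()) stack.push(full); // symlinks are not followed
      else if (entry.isFile() && /\.(?:c|m)?js$/.test(entry.name)) {
        const result = scanSource(fs.readFileSync(full, 'utf8'));
        if (result.suspicious) hits.push({ file: full, reasons: result.destructive });
      }
    }
  }
  return hits;
}

// Constructed sample sources used to exercise the heuristic.
const SAMPLES = {
  plainServer: "app.get('/health', (req, res) => res.send('ok'));",
  cleanScript: "fs.rmSync('dist', { recursive: true, force: true });",
  routeThatWipes: "app.post('/hook', () => fs.rmSync(target, { recursive: true }));",
};
```

Run `scanTree('./node_modules')` and read each returned file by hand; co-occurrence of the two signals is a prompt for review, not proof of a backdoor, and obfuscated code will not match these patterns.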
This entry was posted on June 9, 2025 at 1:55 pm and is filed under Commentary with tags Security.