#credential-exfiltration

[ follow ]
#malware #npm #supply-chain-attack #go #ssh-brute-force
Information security
fromThe Hacker News
2 hours ago

40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials

A supply chain attack trojanized over 40 npm packages to install a backdoor that scans developer machines for credentials and exfiltrates secrets.
fromThe Hacker News
3 weeks ago

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. "On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor," Socket researcher Kirill Boychenko said. The deceptive package, named "golang-random-ip-ssh-bruteforce," has been linked to a GitHub account called IllDieAnyway (G3TT), which is currently no longer accessible.
Information security
[ Load more ]