This tool allows keylogging, access to the camera, stealing passwords stored in browsers, manipulating files, etc. Unfortunately, their installation downloaded and launched a Trojan called njRAT, which made it possible to execute remote commands. Everything was cleverly prepared, and the packages felt legitimate. Seemingly, these were sensible tools to make a database out of JSON files. In December 2020 new malicious packages were found in NPM. I recommend reading the Ransomware attacks on GitHub, Bitbucket, and GitLab article to get a better insight into this topic. A particularly popular type is ransomware, which blocks access to our systems (often by encrypting data) and then demands a ransom to unblock access. This slogan covers all kinds of viruses, trojans, spywares, keyloggers, and many other harmful types of software. Malware is a fairly broad term referring to all programs that are harmful to our system or ourselves – its users. External scripts may quite easily execute any malware. Currently, when creating an IT system, we are rarely entirely its authors, so we do not always have 100% control. The popularity of NPM packages is also of great importance here. Especially now, when in recent years the popularity of solutions based on external, dynamically loaded dependencies, such as entire libraries or individual functions, has grown.
You may even get the impression that the number of things that have to be done grows more and more with time. Security professionals always have a lot of work to do.
0 kommentar(er)
