Despite efforts taken in recent years to proactively monitor public software repositories for malicious code, packages that bundle malware continue to routinely pop up in such places. Researchers recently identified two legitimate looking packages that remained undetected for over two months and deployed an open-source information stealing trojan called TurkoRat.
Effective use of typosquatting on malicious npm packages
Attackers attempt to trick users into downloading malicious packages in several ways, and typosquatting is one of the most popular because it doesn't take a lot of effort. This technique involves copying a legitimate package, adding malicious code to it and publishing it with a different name that's a variation of the original in the hope that users will find it when searching for the real package.
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
