A hacker has infiltrated numerous popular software packages with crypto-stealing malware after phishing the developer responsible for maintaining them. The malware was detected in 18 modules that are collectively downloaded two billion times a week; they are npm packages that many JavaScript projects depend on. The developer, Josh Junon, confirmed the breach and attributed it to a phishing email impersonating official communications from npmjs.com. The email urged recipients to update their two-factor authentication and linked to a hacker-controlled domain, which allowed the attacker to compromise Junon's account. Although the breach is considered the largest supply chain compromise in npm history, its impact may be minimal: the malicious versions were available only for a short time and reportedly had no downloads. The malware targets cryptocurrency transactions, redirecting them to accounts controlled by the hacker. Despite the scale of the compromise, experts believe the attack was amateurish, though there are indications that other npm maintainers may also have been targeted.