this post was submitted on 26 Aug 2023
4 points (100.0% liked)

Security Operations

578 readers
1 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 2 years ago
MODERATORS
L3s
4
Fake Email Validation NPM Package Contains C2 and Sophisticated Data Exfiltration (blog.phylum.io)
submitted 2 years ago by L4s to c/secops
0 comments fedilink hide all child comments
 

Fake Email Validation NPM Package Contains C2 and Sophisticated Data Exfiltration::On the morning of August 24, Phylum's automated risk detection system identified a suspicious package published to npm called “emails-helper." A deeper investigation revealed that this package was part of an intricate attack involving Base64-encoded and encrypted binaries. The scheme fetches encryption keys from a DNS TXT record hosted on

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here