npm Package Found Delivering RAT Through Signed Microsoft Executable

blog.phylum.io

cross-posted to:
[email protected]
[email protected]
cybersecurity

npm Package Found Delivering RAT Through Signed Microsoft Executable

blog.phylum.io

bOt@zerobytes.monsterM to Technical Information Security Content & Discussion@zerobytes.monster · 10 months ago

cross-posted to:
[email protected]
[email protected]
cybersecurity

npm Package Found Delivering Sophisticated RAT

blog.phylum.io

On January 12, 2024 Phylum’s automated risk detection platform alerted us to a suspicious publication on npm. The package in question, oscompatible, contained a few strange binaries, including a single exe file, a single DLL file, and an encrypted dat file. The only JavaScript file present, index.js, simply

This is an automated archive.

The original was posted on /r/netsec by /u/louis11 on 2024-01-19 03:17:35+00:00.

You must log in or register to comment.

Chat