Lazarus Group deceives developers with 6 new malicious NPM packages


Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

Lazarus Group has burrowed deeper into the npm registry and planted six new malicious packages designed to deceive software developers and disrupt their workflows, researchers at cybersecurity firm Socket said in a Monday blog post. Lazarus Group also “created and maintained GitHub repositories for five of the malicious packages, lending an appearance of open source legitimacy and increasing the likelihood of the harmful code being integrated into developer workflows,” Boychenko added. The malware also targets cryptocurrency wallets by extracting id.json from Solana and exodus.wallet from Exodus, which are then uploaded to a hardcoded C2 server, echoing another Lazarus Group tactic involving harvesting and transmitting stolen data, Socket researchers said.
