Security News > 2021 > October > Malicious NPM Libraries Caught Installing Password Stealer and Ransomware

Malicious NPM Libraries Caught Installing Password Stealer and Ransomware
2021-10-28 00:05

Malicious actors have yet again published two more typosquatted libraries to the official NPM repository that mimic a legitimate package from Roblox, the game company, with the goal of distributing stealing credentials, installing remote access trojans, and infecting the compromised systems with ransomware. The bogus packages — named "noblox.js-proxy" and "noblox.js-proxies" — were found to


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/q0WhleZjkjo/malicious-npm-libraries-caught.html