Microsoft Azure Developers Awash in PII-Stealing npm Packages
2022-03-24 20:21

Researchers have found hundreds of malicious packages in the npm repository of open-source JavaScript code, designed to steal personally identifiable information in a large-scale typosquatting attack against Microsoft Azure cloud users.

That's according to the JFrog Security Research team, which said that the set of packages appeared earlier this week and has steadily grown since then, from about 50 packages to more than 200.

Npm scopes are a way of grouping related packages together.

While JFrog reported the packages for removal from npm itself, developers could have pulled the malicious code into any number of applications that are still threatening Azure users.

Npm is the most oft-downloaded JavaScript package repository used by developers to build web applications, and as such, has been increasingly targeted by malicious actors to carry out software supply-chain attacks.

"Adding a CAPTCHA mechanism on npm user creation would not allow attackers to easily create an arbitrary amount of users from which malicious packages could be uploaded, making attack identification easier."


News URL

https://threatpost.com/microsoft-azure-developers-pii-stealing-npm-packages/179096/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 725 810 4735 4736 3649 13930