Security News > 2025 > April > Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
2025-04-19 15:11
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below - node-telegram-utils (132 downloads) node-telegram-bots-api (82 downloads) node-telegram-util (73 downloads) According to supply chain
News URL
https://thehackernews.com/2025/04/rogue-npm-packages-mimic-telegram-bot.html
Related news
- New Auto-Color Linux backdoor targets North American govts, universities (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems (source)
- New npm attack poisons local packages with backdoors (source)
- Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts (source)
- FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites (source)
- Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)