Cybersecurity researchers have identified a set of 10 malicious npm packages designed to deliver an information stealer that targets multiple operating systems, including Windows, Linux, and macOS. The malware is sophisticated: it uses four layers of obfuscation to conceal its actual payload, and it displays a fake CAPTCHA to appear legitimate, deceiving unsuspecting users into executing the malicious code.
Once running, the malware fingerprints victims by their IP address and downloads a 24MB PyInstaller-packaged information stealer. This stealer can harvest sensitive data from infected systems, posing significant risks to users and organizations. The discovery is a timely reminder of the persistent threat posed by malicious packages in software repositories.
👉 Read the original: The Hacker News