#NPM #axios maintainer has lost control of their account. Malicious versions 1.14.1 and 0.30.4 have been published which include a RAT.
NPM has pulled the effected versions and the payload. Time to clean up and see if you were effected.
StepSecurity has an awesome write up on this issue with #iocs
Link follows this toot.
#CTI #infosec #node #cybersecurity #security #nodejs #js #malware
axios Compromised on npm - Malicious Versions Drop Remote Access Trojan
Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.
Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.
IAintShootinMis