Malware distribution in public repositories highlighted by malicious npm packages stealing Discord tokens

ZDNet Recommends

Best security key 2021

While robust passwords go a long way to securing your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read More

DevOps security firm JFrog discovered 17 new malicious packages in the npm (Node.js package manager) repository that intentionally seek to attack and steal a user’s Discord tokens.

Shachar Menashe, senior director of JFrog security research, and Andrey Polkovnychenko explained that hijacking a user’s Discord token (the user’s credentials) effectively gives the attacker full control over the user’s account.

“This type of attack has severe implications if executed well, and, in this case, public hack tools made such an attack easy enough for even a novice hacker to perform,” Menashe said. “We recommend organizations take precaution and manage their use of npm for software curation to reduce the risk of introducing malicious code into their applications.”

The two explained that the packages’ payloads are varied, ranging from infostealers to full remote access backdoors. They added that the packages have different infection tactics, including typosquatting, dependency confusion, and trojan functionality.

The packages have been removed from the npm repository, and the

Read More: