npm Blog Archive: Plot to steal cryptocurrency foiled by the npm security team

Free

Yesterday, the npm, Inc. security team, in collaboration with Komodo, helped protect over $13 million USD in cryptocurrency assets as we found and responded to a malware threat targeting the users of a cryptocurrency wallet called Agama. The attack focused on getting a malicious package into the build chain for Agama and stealing the wallet seeds and other login passphrases used within the application.

The details

The attack was carried out using a pattern that is becoming more and more popular: publishing a “useful” package (electron-native-notify) to npm, waiting until it was in use by the target, and then updating it to include a malicious payload.

The GitHub user sawlysawly published this commit on Mar 8th, which added electron-native-notify ^1.1.5 as a dependency to the EasyDEX-GUI application (which is used as part of the Agama wallet). The next version of electron-native-notify was published 15 days later and was the first version to include a malicious payload. Following that, Agama version v0.3.5 was released on Apr 13.

electron native notify publication timeline

"1.0.0": "2019-03-06T23:54:33.625Z"
"1.0.1": "2019-03-07T03:07:45.585Z"
"1.0.2": "2019-03-07T03:10:00.491Z"

FEATURES

ALTERNATIVES

A case management platform for Security Operations Centers that enables collaborative incident response, workflow automation, and compliance reporting throughout the cybersecurity incident response lifecycle.

A cybersecurity incident management platform for tracking and reporting incidents with agility and speed.

An open-source SOAR tool for automating threat and incident response workflows using CACAO security playbooks.

Check if your email address has been involved in a data breach.

A centralized management console for efficiently operating and monitoring large-scale, multitenant Logpoint SIEM deployments across customers, geographies, and organizational divisions.

Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.

An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.

A System for Abuse- and Incident Handling with log file analysis capabilities.