North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry | Cybersecurity

Ubisoft Australia. AVATAR: FRONTIERS OF PANDORA PS5,XBox..
Ad Gaming:  Video Games Amazon  |  Best Sellers  |  Pre-Orders  |  New Releases
Ad Gaming:  Call of Duty Black Ops 6 - PlayStation 4/5, Xbox Series X
Ad Gaming: Microsoft Store
Ad Visit: Things From Another World for a massive selection of Star Wars, Hellboy, Manga, Superheroes and other pop culture favorites.

Aug 06, 2024. Ravie Lakshmanan Malware / Windows Security.

The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns.

The packages in question, harthat-api and harthat-hash, were published on July 7, 2024, according to Datadog Security Labs. Both the libraries did not attract any downloads and were shortly pulled after a brief period of time.

The security arm of the cloud monitoring firm is tracking the threat actor under the name Stressed Pungsan, which exhibits overlaps with a newly discovered North Korean malicious activity cluster dubbed Moonstone Sleet.

“While the name resembles the Hardhat npm package (an Ethereum development utility), its content does not indicate any intention to typosquat it,”…

Source thehackernews.com

Visit Things From Another World for a massive selection of Star Wars, Hellboy, Manga, Superheroes and other pop culture favorites.
FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.
Ad Amazon Minecraft the game, plus clothing, toys, and accessories.
Ad Amazon Gaming Laptops, clothing, games and more
Ad Amazon MUSIC Artists Merch Shop

Prime members enjoy Prime FREE One-Day delivery

Related Posts