Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users | Cybersecurity

Jun 03, 2024. Newsroom Software Security / Supply Chain.

Cybersecurity researchers have uncovered a new suspicious package uploaded to the npm package registry that’s designed to drop a remote access trojan (RAT) on compromised systems.

The package in question is glup-debugger-log, which targets users of the gulp toolkit by masquerading as a “logger for gulp and gulp plugins.” It has been downloaded 175 times to date.

Software supply chain security firm Phylum, which discovered the package, said the package comes fitted with two obfuscated files that work in tandem to deploy the malicious payload.

“One worked as a kind of initial dropper setting the stage for the malware campaign by compromising the target machine if it met certain requirements, then downloading additional malware components, and the other script providing the attacker with a persistent remote access mechanism to control the compromised machine,” it said.

Phylum’s closer examination of the library’s…


Advertisement Gaming:   Xbox  |  Xbox Bundles  |  Nintendo  |  Playstation  |  Cards   | 
FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.
Ad Amazon Minecraft the game, plus clothing, toys, and accessories.
Ad Amazon Gaming Laptops, clothing, games and more
Ad Amazon MUSIC Artists Merch Shop

Related Posts