A look back at the NPM supply chain attack

A NPM supply-chain attack dating back from December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise hundreds of apps and websites. The attackers are known as IconBurst.

They used typosquatting, a technique in which hackers offer popular packages to infect developers. One of the malicious NPM packages in this attack has more than 17,000 downloads. If fooled, they would add the malicious packages designed to steal data from embedded forms to their apps or websites.

Today, more than 6 months after this attack, some of the malicious IconBurst packages are still available for download in the NPM registry.


Recent Posts

See All

On August 21st, the Hospital Center in Corbeil-Essonne was attacked by a group of hackers believed to be LockBit 3.0. The attack affected business software, storage systems and the patient admissions

A short while ago, Group-IB published a statement reporting that hackers were launching attacks to steal Steam credentials using a new and increasingly popular Browser-in-the-Browser phishing techniqu

On July 4th, La Poste was the victim of a large-scale hack via its mobile app. The data from tens of thousands of users (name, address, phone number, email and banking information for some) were stole

Malizen cybersecurity operations france

Follow our adventures !

  • Discorde
  • Gazouillement
  • Linkedin

Subscribe to our newsletter

Be notified every time we have news!

Thanks for subscribing !

By subscribing, I agree to the Terms of Use and Privacy Policy.