malware npm

x509-escaping

discovered 2024-12-11

x509-escaping is identified in the SafeDep analysis "npm - The Playground for Malicious Packages". Multiple npm packages impersonating popular package names are being used to distribute malware. We take a closer look at the campaign.

Threat types

typosquat

Malicious versions

0.0.1
0.0.0

Campaigns

No Specific Campaignattributed-to

Indicators

ipv4 13.60.183.44communicates-with
ipv4 13.60.0.0communicates-with
ipv4 13.63.255.255communicates-with

Techniques

ttp T1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
ttp T1059.007 Command and Scripting Interpreter: JavaScriptuses
ttp T1036 Masqueradinguses

Read the full analysis →