Head Topics

Hijacked S3 buckets used in attacks on npm packages

Australia News News

Hijacked S3 buckets used in attacks on npm packages
Australia Latest News,Australia Headlines
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 61 sec. here
  • 3 min. at publisher
  • 📊 Quality Score:
  • News: 28%
  • Publisher: 61%

Cybercrooks use abandoned AWS storage tool to deliver malware

Nachshon reverse-engineered the compiled file, though it wasn't easy. One problem? Scanning the file using VirusTotal didn't detect it as malware. However, he looked at the strings in the file and found"some weird behavior," convincing him to dive deeper.

The larger problem was the other packages and repositories that also were using expired S3 buckets, which this kind of attack a problem well beyond bignum. "The danger it poses can be huge if an attacker manages to exploit it as soon as this kind of change occurs," he wrote."Another risk is posed to organizations or developers using frozen versions or 'artifactories' as they will continue to access the same, now hijacked, bucket."for downloading pre-built binaries. The latest version, 0.13.1, doesn't use that. It also doesn't allow downloading of pre-built binaries to avoid malicious downloads.

"Finding the exact string that allows you to compromise a system is quite difficult, but this attack type is one of the most simple and common ones out there," Bond said."This is a case of an adversary getting lucky while doing typical adversary activity." The problem is that a similar scenario could play out whenever a trusted distribution location – in this case, the S3 buckets – is no longer used and is abandoned, according to his colleague, Patrick Tiquet, vice president of security and architecture with Keeper Security. ®

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

TheRegister /  🏆 67. in UK

Australia Latest News, Australia Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Man, 31, appears in court charged with murder over Nottingham killingsMan, 31, appears in court charged with murder over Nottingham killingsA man has appeared in court accused of murdering three people in Nottingham. Valdo Calocane is charged with killing Grace O'Malley-Kumar, Barnaby Webber and Ian Coates. darshnasoni reports.
Read more »

Pervert who squirted women with bodily fluids admitted to police: 'Yeah, it's mePervert who squirted women with bodily fluids admitted to police: 'Yeah, it's meWillbert Mukori, 26, was jailed for the sickening street attacks as West Midlands Police appeal for witnesses
Read more »

Uganda school attack: Students among at least 41 killedUganda school attack: Students among at least 41 killedAccording to Ugandan police, the raid was carried out by the Allied Democratic Forces (ADF), who have been launching attacks from their bases in the DRC for years, targeting civilians.
Read more »

Scots dog owner rushed to hospital after stepping on used needle at walking spotScots dog owner rushed to hospital after stepping on used needle at walking spotDaniela Stoyanova was out with her border collie in Edinburgh when she suddenly felt a sharp and burning pain in her right foot.
Read more »

Nottingham attacks murder accused appears in courtNottingham attacks murder accused appears in courtFormer University of Nottingham student Valdo Calocane appeared in court this morning charged with the murders of Grace O'Malley Kumar, Barnaby Webber and Ian Coates
Read more »

Series to explore case of NI student who became 'UK’s most prolific catfish'Series to explore case of NI student who became 'UK’s most prolific catfish'The young criminal used fake profiles to befriend hundreds of victims stretching across the world as far as America and New Zealand
Read more »



Render Time: 2025-03-09 02:48:53