Security researchers have found yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users.
The goal of the campaign appears to be to steal Discord tokens and users' card data.
“The Python malware is a modified version of an open-source token logger called Volt Stealer. It is designed to steal Discord tokens from infected machines, along with the victim's IP address, and upload them via HTTP,” said Kaspersky.
The campaign is yet another example of a growing threat to the developer community and downstream users: developers unwittingly downloading malware as they use open-source packages to accelerate time-to-market.
Garwood Pang, senior security researcher at Tigera, explained that stolen Discord tokens could be leveraged in follow-on spear-phishing attacks on victims' friends.
“With more than 11 million users on npm, the potential audience of a successful supply chain attack is significant compared to targeting a specific business.”