Ethers-Phouplier package is very similar to Ethers-Reviver2, but previous versions are exposed to attackers have tried different ways until they arrive at current implementation. For example, in that kind of attackers try to install files from a package called @ HERSPROJect / Providers.
Also, additional file download file. An interesting part is that there is a legal NPM packet called Laet.js with more than 24 million downloads and 5,200 programs. If the package already exists in your area, the malware will include it. If not, it will imitate.
“Although it is unusual as an infestealers on the NPM platform, they are not too far and regular,” said nursing researchers. However, this fan is noteworthy due to different strategies monitored by the attackers to hide the loaded load.
Source link