Three malware packages containing a known virus called BeaverTail were published on the npm registry in September 2024. Linked to North Korea’s ‘Contagious Interview’ campaign, the malware targets software developers and the cryptocurrency sector. This ongoing campaign involves tricking developers to download malicious packages as part of a fake coding test. The incident shows an increased misuse of the open-source software supply chain by threat actors to infect their targets.
German authorities want your help finding the hackers behind GandCrab and REvil
Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
