Fake WhatsApp Developer Libraries Hide Destructive Data-Wiping Code

Fake WhatsApp developer libraries hide destructive data-wiping code

Two malicious NPM packages posing as WhatsApp development tools have been discovered deploying destructive data-wiping code that recursively deletes files on a developer's computers.

Malicious NPM packages deceive WhatsApp developers

Researchers at Socket have discovered two malicious NPM packages that pose as legitimate WhatsApp development tools

WhatsApp Developers Under Attack From Weaponized npm Packages with Remote Kill Switch

Two malicious npm packages have emerged as sophisticated weapons targeting WhatsApp developers through a remote-controlled destruction mechanism that can completely wipe development systems. The packages, identified as naya-flore and nvlore-hsc, masquerade as legitimate WhatsApp socket libraries while harboring a devastating… Read more → The post WhatsApp Developers Under Attack From Weaponized npm Packages with Remote Kill Switch appeared first…

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. "At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes it in memory," Socket security