Jonkman Microblog
  • Login
Show Navigation
  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Friday, 19-Aug-2022 19:44:26 EDT lnxw48a1 lnxw48a1
    https://nu.federati.net/url/287438 [www bleepingcomputer com]

    200+ #npm and #pypi packages caught dropping #Linux cryptominers.

    > These packages are largely typosquats of widely used libraries and each one of them downloads a Bash script on Linux systems that run cryptominers.

    > It appears that both registries cleared the typosquats fairly quickly from their platforms before these could do more harm to developers.

    This appears to be a characteristic behavior of #monero / #xmr #cryptocurrency users. This is by no means the first wave of mining attacks against servers.

    Source: https://freeradical.zone/@thenewoil/108852026058423028
    In conversation Friday, 19-Aug-2022 19:44:26 EDT from nu.federati.net permalink

    Attachments

    1. 241 npm and PyPI packages caught dropping Linux cryptominers
      from BleepingComputer
      More than 200 malicious packages were discovered infiltrating the PyPI and npm open source registries this week. These packages are largely typosquats of widely used libraries and each one of them downloads a Bash script on Linux systems that run cryptominers.
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.