An attack on users of the NPM package directory has been detected. On February 20, more than 15,000 packages were added to the NPM repository. Their README files contained links to phishing sites or referral links that earn the uploader a reward. Analysis of the packages revealed 190 unique phishing or advertising links spanning 31 domains.
The package names were chosen to draw the attention of the general public, for example "free-tiktok-followers", "free-xbox-codes", "instagram-followers-free" and so on. The aim was to flood the list of recent updates on the NPM site with spam packages. The package descriptions included links promising free gifts, giveaways, game cheats and free services for boosting followers and likes on social media platforms such as TikTok and Instagram. This is not the first attack of this kind: in December, 144,000 spam packages were published to NuGet, NPM and PyPI.

The package contents were generated automatically by a Python script that was apparently left behind inside the packages and that also contains the data used during the attack. The packages were published from many different accounts, using techniques that make it hard to trace them and to quickly identify the problematic packages.
Apart from the spam activity, several attempts to publish malicious packages were also detected in the NPM and PyPI repositories:
- 451 malicious packages were found in the PyPI repository masquerading as popular libraries via typosquatting (assigning names that differ from the original by individual characters, e.g. vper instead of vyper, bitcoinnlib instead of bitcoinlib, ccryptofeed instead of cryptofeed, ccxtt instead of ccxt, cryptocommpare instead of cryptocompare, and similar misspellings of selenium and pyinstaller). The packages contained obfuscated code for stealing cryptocurrency: it detected crypto wallet addresses in the clipboard and replaced them with the attacker's wallet (the expectation being that the victim would not notice that the address pasted from the clipboard differs from the one they copied when making a payment). The substitution was performed by a browser extension that ran in the context of every web page viewed.
- A series of malicious HTTP libraries was discovered in the PyPI repository. Malicious activity was found in 41 packages whose names were chosen by typosquatting to resemble popular libraries (aio5, ulrlib, urllb, libhttps, piphttps, httpxv2, etc.). The packages were made to look like working HTTP libraries or copied the code of existing ones, and their descriptions contained claims about their advantages and comparisons with legitimate HTTP libraries. The malicious activity consisted of downloading malware onto the system or collecting and exfiltrating confidential data.
- NPM was found to contain 16 JavaScript packages (speedte*, trova*, lagra) which, in addition to their declared functionality (bandwidth testing), also contained code for mining cryptocurrency without the user's knowledge.
- 691 malicious packages were found in NPM. Most of the problematic packages impersonated Yandex projects (yandex-logger-sentry, yandex-logger-qloud, yandex-sendsms, etc.) and contained code that sends confidential information to external servers. Those who uploaded these packages are believed to have been trying to get them pulled in instead of internal dependencies when projects are built at Yandex (the internal dependency substitution technique, also known as dependency confusion: a public package published under the same name as a private one can be resolved in its place). In the PyPI repository, the same researchers found 49 packages (reqsystem, httpxfaster, aio6, gorilla2, httpssos, pohttp, etc.) containing hidden malicious code that downloads and runs an executable file from an external server.
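The typosquatting described in the two PyPI items above (vper for vyper, ulrlib for urllib) is something a build pipeline can screen for before pip installs anything. The following Python script is an added example, not code from the report or from any of the researchers it cites: it compares each name in a requirements list against a small allow-list of popular packages using the optimal string alignment edit distance (which counts an adjacent-character swap such as ulrlib/urllib as a single edit) and flags near misses, plus names that are a popular name with a short version-like tail (httpxv2). The allow-list, the thresholds and the sample requirements file are constructed for the example and would need tuning against real download statistics.

```python
import re
from typing import Dict, Iterable, Optional

# Popular PyPI names imitated in the report, plus a few common HTTP clients.
# Constructed allow-list for this example; a real one would come from a
# curated list or top-N download statistics.
POPULAR = {
    "vyper", "bitcoinlib", "cryptofeed", "ccxt", "cryptocompare",
    "selenium", "pyinstaller", "requests", "urllib3", "httpx", "aiohttp",
}


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance between a and b.

    Edits are insert, delete, substitute, and swapping two adjacent
    characters, so ulrlib -> urllib costs one edit, not two.
    """
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,          # delete
                          d[i][j - 1] + 1,          # insert
                          d[i - 1][j - 1] + cost)   # substitute
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transpose
    return d[len(a)][len(b)]


def normalize(name: str) -> str:
    """PEP 503 normalization: case-insensitive; '-', '_' and '.' are equivalent."""
    return re.sub(r"[-_.]+", "-", name).lower()


def suspected_target(name: str, popular: Iterable[str] = POPULAR) -> Optional[str]:
    """Return the popular package that `name` appears to imitate, or None."""
    n = normalize(name)
    targets = {normalize(p): p for p in popular}
    if n in targets:
        return None  # exact match: this is the real package
    for q, p in sorted(targets.items()):
        dist = osa_distance(n, q)
        # One edit is always suspicious; allow two for longer names, where a
        # doubled letter plus a dropped one is still easy to overlook.
        if dist == 1 or (dist == 2 and len(q) >= 7):
            return p
        # "httpxv2" style: a popular name with a short version-like tail.
        if n.startswith(q) and 0 < len(n) - len(q) <= 2:
            return p
    return None


def check_requirements(lines: Iterable[str]) -> Dict[str, str]:
    """Map each suspicious requirement name to the package it imitates."""
    hits: Dict[str, str] = {}
    for line in lines:
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        # Keep only the distribution name; drop extras and version specifiers.
        name = re.split(r"[<>=!~\[; ]", line, maxsplit=1)[0]
        target = suspected_target(name)
        if target:
            hits[name] = target
    return hits


# Constructed sample requirements file mixing real names with typosquats
# named in the report.
SAMPLE_REQUIREMENTS = """\
requests==2.31.0
ccxtt
bitcoinnlib>=0.6
vper
cryptocommpare
ccryptofeed
ulrlib
urllb
httpxv2
selenium>=4.0
aio5
"""

if __name__ == "__main__":
    for name, target in check_requirements(SAMPLE_REQUIREMENTS.splitlines()).items():
        print(f"{name}: looks like a typosquat of {target}")
```

Run against the sample, the check flags ccxtt, bitcoinnlib, vper, cryptocommpare, ccryptofeed, ulrlib, urllb and httpxv2, but not aio5: a name that shares only a prefix with aiohttp is too far away in edit distance. That gap is the point of the exercise; a distance check complements pinned hashes and a private index with an explicit allow-list, it does not replace them.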
Source: opennet.ru
