Malicious NPM Package Disguised as Ethereum Tool Deploys Quasar RAT


ines, and manage multiple compromised hosts simultaneously if this campaign is part of a botnet infection,” Boychenko said.
“At this stage, the victim’s machine is fully compromised, and is under complete surveillance and control by the threat actor, ready for regular check-ins and to receive updated instructions.”

In related news, cybersecurity experts have found a concerning trend of fake stars on GitHub repositories, which are used to artificially inflate the popularity of malware-laden repositories. A recent study by Socket, Carnegie Mellon University, and North Carolina State University revealed that many fake stars are used to promote malware repositories disguised as pirating software, game cheats, and cryptocurrency bots.

The study found that fake stars are often advertised by services like Baddhi Shop and BuyGitHub, with thousands of repositories affected. These fake stars can be purchased to boost a repository’s credibility and visibility, attracting more developers and contributors. However, star count alone is not a reliable measure of quality: the study suggests that many accounts participating in fake star campaigns have little to no activity.

GitHub, the popular code hosting platform, has been actively working to address the issue of fake stars, as they can be easily manipulated by bot accounts or low-reputation users. The platform is considering implementing new metrics to provide a more accurate measure of repository popularity.

As the software supply chain continues to be a target for cyber attacks, it’s important for developers to be cautious when downloading packages and not rely solely on star count as an indicator of a repository’s credibility. Stay informed and stay safe in the digital world!
