Breaking Down the Axios Supply Chain Attack: Dropper, Cross-Platform RATs, and BlueNoroff/TA444

hunt.io

Breaking Down the Axios Supply Chain Attack: Dropper, Cross-Platform RATs, and BlueNoroff/TA444

hunt.io

digicatM to

blueteamsecEnglish · 3 days ago

The axios npm maintainer account was hijacked to push two malicious versions. Inside: an obfuscated postinstall dropper, three platform-specific RATs, self-destructing cleanup, and C2 infrastructure linked to TA444/BlueNoroff

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

14 users / day
99 users / week
277 users / month
987 users / 6 months
230 local subscribers
673 subscribers
2.95K Posts
223 Comments
Modlog

mods:
digicat