Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware

Summary

Four npm packages within the @asyncapi namespace have been found to be compromised and are distributing a multi-stage botnet loader. This malicious activity was identified by researchers from OX Security, SafeDep, Socket, and StepSecurity.

IFF Assessment

FOE

The discovery of compromised software packages distributing botnet malware represents a direct threat to the security of systems that utilize these components.

Defender Context

This incident highlights the ongoing risk of supply chain attacks targeting popular package managers like npm. Defenders should implement rigorous dependency scanning and validation processes to detect and prevent the introduction of compromised libraries into their development pipelines.

Read Full Story →