Linux and Mac Malware found hiding in NPM Package

While headlines regarding Iran’s nuclear program and possible Israeli malware been used to cause failures at nuclear plants is this week's big cybersecurity news, other developments deserve attention. One such development is the discovery of a new piece of malware that targets Node.JS developers using Mac and Linux machines. The malware was found in a malicious package on the NPM registry, used by developers to supplement their code with existing tools to make their life easier. The malware was found in a package labeled “web-browserify,” which is intended to imitate the popular Browserify package that has been downloaded over 160 million times. It can be assumed that the attacker by naming their malicious package “web-browserify” is hoping to trick developers into downloading the malicious package. The malware is built by combining hundreds of legitimate open-source components and performs extensive reconnaissan...

KIO KOREA Email Virus

"KIO KOREA Email Virus" refers to a malware-spreading spam campaign - a mass-scale operation during which deceptive emails are sent by the thousand. The scam letters sent through this campaign - request recipients to provide a product quote in accordance with the provided order list. It must be emphasized that all of the information provided by these emails - is false. The campaign's aim is to distribute an infectious file attachment, which upon opening - initiates download/installation of the Agent Tesla RAT (Remote Access Trojan). This malware is designed to enable remote access and control over an infected device. RATs can have a variety of heinous functionalities, and they can be used to cause various severe problems. The "KIO KOREA" scam emails (subject/title "Re: ORDER CONFIRMATION-4423sG.KIO KOREA CO.,LTD"; may vary) greet recipients by stating that it has been two years since the sender last requ...