Automated Cyber Campaign Creates Masses of Bogus Software Building Blocks
Joachim Jakobs
jj at privatsphaere.org
Fr Jan 13 01:06:57 UTC 2023
Hallo Alle,
die Freie-Software Lieferkette scheint unter Beschuß zu geraten [1]:
The attack vector in the NuGet ecosystem involves the use of automated
processes to create a large number of packages with names and
descriptions designed to lure those interested in hacking, cheats, and
free resources. These contain links to phishing campaigns built to steal
personal information or other sensitive data.
The scale of this attack is unique, according to the report, because it
involves the creation of over 144,000 packages by the same threat actor
— a significantly larger number of packages than is typically seen in
such attacks, making it an especially large and significant event.
Gruß Joachim
[1]
https://www.darkreading.com/attacks-breaches/automated-cybercampaign-attacks-bogus-software-building-blocks
Mehr Informationen über die Mailingliste FSFE-de