Contagious Interview Campaign Floods npm with Malicious Packages

Threat actors behind the Contagious Interview campaign have inundated the npm registry with 197 malicious packages designed to deliver a variant of OtterCookie. These packages, downloaded over 31,000 times, are crafted to evade detection, profile machines, and establish command-and-control channels. The malware aims to steal sensitive data, including browser credentials and cryptocurrency wallet information. The campaign is notable for its sustained tempo and adaptation to modern JavaScript and crypto-centric development workflows.

Latest mentioned: 11-28

Earliest mentioned: 11-25

Sources

gbhackers.com thehackernews.com malwarebytes.com darkreading.com infosecurity-magazine.com

Also Read

RelayNFC Malware Targets Mobile Payment Users

Cyble Research and Intelligence Labs (CRIL) has identified a new NFC relay malware campaign targeting mobile payment users. The malware, named RelayNFC, turns a victim's Android device into a remote card reader, enabling attackers to perform fraudulent contactless transactions. The malware is distributed through phishing sites and captures card data and PINs, relaying them to an attacker-controlled server. RelayNFC uses a real-time APDU relay channel and has zero detections on VirusTotal, indicating low visibility across security tools.

11-26Read more →