LetsDefend: Hijacked NPM Package/Supply Chain Compromise
5 min readJan 3, 2022
Hijacked NPM walkthrough
Preparation
Alert SOC158: Hijacked NPM Malware
Everything looks legit when I do the checks. UA Parser JS has been downloaded from its official site. I couldn't understand what is the problem.
Threat Intel
First things first so let's check the hash using VT (MD5 hash resolved to SHA256)
- MD5 Hash: fc724eb2894f34a3aca4b952d2f816cd
- SHA256 Hash: 7f986cd3c946f274cdec73f80b84855a77bc2a3c765d68897fbc42835629a5d5
Twitter is the best resource for threat intel and it is always worth checking. Below we can see the post regarding NMP Supply Chain Attacks.
