Veracode unravels 12-layer npm attack to find RAT

Key takeaways:

  • Veracode discovered two malicious npm packages containing an extraordinarily complex 12-layer attack that used multiple obfuscation techniques, including Unicode characters (Japanese Katakana and Hiragana), binary strings, Base64 encoding, and others
  • The attack activated immediately when developers ran "npm install" through a postinstall script, making it nearly impossible to avoid once the malicious package was added to a project
  • The malware attempted to disable Windows Defender by adding its own files to exclusion lists and used memory-only execution to avoid leaving traces on the hard drive
Veracode unravels 12-layer npm attack to find RAT
Site Logo
Developer Tech News
Go to source




Added by

17 days ago

Developer-tech.com
veracodenpmrat
HomeQuestionsBlogsProductsJobsDropsNewsMemesCompaniesSupport

Copyright © 2025. Shifters. All rights reserved.

Terms & Privacy
Linkedin

Be Part of Something Big

Shifters, a developer-first community platform, is launching soon with all the features. Don't miss out on day one access. Join the waitlist: