The Socket Research Team announced it has uncovered 6 new malicious npm packages linked to North Korea’s Lazarus group

  • News story


Name

The Socket Research Team announced it has uncovered 6 new malicious npm packages linked to North Korea’s Lazarus group

Description

The Socket team uncovered six JavaScript libraries using typosquatting to mimic legitimate packages. Linked to North Korea’s Lazarus Group, these malicious npm packages steal credentials, extract crypto wallet data and install backdoors.

Types

News story

Cover

Maintainers

Pet3rPan

Publish date

1:42pm, Tuesday, March 11, 2025

Related people

Kirill Boychenko

Related projects

Socket
Lazarus Group

Related topics

Blockchain technology

Sources

Lazarus Strikes npm Again with New Wave of Malicious Packages
Lazarus Infects New Batch of JavaScript Packages With Crypto Stealing Malware: Researchers
North Korean Lazarus hackers infect hundreds via npm packages

Tags

03/11/2025
Week 11 of 2025