The Socket Research Team announced it has uncovered 6 new malicious npm packages linked to North Korea’s Lazarus group
- News story
Name
The Socket Research Team announced it has uncovered 6 new malicious npm packages linked to North Korea’s Lazarus group
Description
The Socket team uncovered six JavaScript libraries using typosquatting to mimic legitimate packages. Linked to North Korea’s Lazarus Group, these malicious npm packages steal credentials, extract crypto wallet data and install backdoors.
Publish date
1:42pm, Tuesday, March 11, 2025