148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet

Read full story on The Hacker News
Share
148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
AI disclosure

Summary

A campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for roughly two weeks in May, according to new research from JFrog. The packages did not go after the developers who might install them. The operators used the registry as free hosting for a booby-trapped proxy site and let the students who came to dodge

Original reporting

Open original source
Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.