Multiple Jscrambler Packages Impacted by Supply Chain Attack

Multiple Jscrambler Packages Impacted by Supply Chain Attack
Several malicious versions of Jscrambler’s NPM package were published in a supply chain attack after a threat actor used compromised publishing credentials. The Rust-based payloads targeted developer and cloud-operator secrets, wallets, browser data, and cloud APIs, affecting dependent packages and prompting urgent cleanup and credential rotation. #Jscrambler #NPM #Socket

Keypoints

  • Attackers published malicious Jscrambler NPM packages using compromised publishing credentials.
  • The malicious versions included a preinstall hook and additional files that launched platform-specific binaries.
  • The payloads were Rust-based information stealers targeting credentials, secrets, wallets, and application data.
  • Several dependent packages were also affected, including Jscrambler-webpack-plugin and gulp-Jscrambler.
  • Jscrambler revoked credentials, and users were told to remove infected versions and rotate secrets.

Read More: https://www.securityweek.com/multiple-jscrambler-packages-impacted-by-supply-chain-attack/