Information security
fromInfoWorld
1 week agoQR codes become the vehicle for malware in new technique
A malicious npm package named fezbox hides obfuscated backdoor code inside embedded QR codes to steal credentials from browser cookies.
This week, the Socket Threat Research Team identified a malicious package, 'fezbox', published to npmjs.com, the world's largest open-source registry for JavaScript and Node.js developers. The illicit package contains hidden instructions to fetch a JPG image containing a QR code, which it can then further process to run a second-stage obfuscated payload as a part of the attack. At the time of writing, the package received at least 327 downloads, as per npmjs.com, before the registry admins took it down.