Information security
fromtheregister
5 days agoWorm rubs out competitor's malware, then takes control
A credential-harvesting worm removes prior TeamPCP traces, then propagates autonomously to internal and external cloud targets.
The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul McCarty, who first flagged the activity. The end goal is quite unusual - It's designed to inundate the npm registry with random packages rather than focusing on data theft or other malicious behaviors. The worm-life propagation mechanism and the use of a distinctive naming scheme that relies on Indonesian names and food terms for the newly created packages have lent it the moniker IndonesianFoods.