Phylum Discovers Sophisticated Ongoing Attack on NPM
Tags
attack-pattern: Data Domains - T1583.001 Domains - T1584.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID c164d40e-e16b-401c-b39c-710823ee265f
Fingerprint ca086dd8e82785b0
Analysis status DONE
Considered CTI value 0
Text language
Published June 23, 2023, midnight
Added to db Aug. 12, 2023, 10:21 a.m.
Last updated Nov. 18, 2024, 2:36 a.m.
Headline Phylum Discovers Sophisticated Ongoing Attack on NPM
Title Phylum Discovers Sophisticated Ongoing Attack on NPM
Detected Hints/Tags/Attributes 29/1/22
Source URLs
Redirection Url
Details Source https://blog.phylum.io/sophisticated-ongoing-attack-discovered-on-npm/
URL Provider
Details Provider Source level domain
Details phylum.io blog.phylum.io
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 46 Phylum https://blog.phylum.io/rss/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 1 
npmrepos.com
Details Domain 3 
tradingprice.net
Details Domain 3 
npmcloudjs.com
Details Domain 3 
npmjsregister.com
Details Domain 3 
bi2price.com
Details File 156 
package.json
Details File 174 
index.js
Details File 74 
main.js
Details File 6 
checkupdate.php
Details File 1 
getupdate.php
Details File 1 
checktoken.php
Details File 1 
getbprice.php
Details File 1 
auditcheck.php
Details File 1 
getcheckjs.php
Details File 365 
console.log
Details File 1 
'pricecheck.js
Details File 10 
os.pl
Details File 6 
fs.chm
Details File 1 
getfullhistory.php
Details File 1 
'price.dat
Details Url 1 
https://tradingprice.net/checktoken.php
Details Url 1 
https://bi2price.com/getfullhistory.php?token=