• Malicious NuGet Packages Stole ASP • NET Data; npm Package Dropped Malware Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP • NET web application developers to steal sensitive data • The campaign,discovered by Socket, exfiltratesASP • NET Identity data, including user accounts, role assignments, and permission mappings, as well as manipulates authorization rules to create persistent backdoors in victim applications • The names of the packages are listed below - NCryptYo DOMOAuth2_ IRAOAuth2

Article Summaries:

  • Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings, as well as manipulates authorization rules to create persistent backdoors in victim applications. The names of the packages are listed below - - NCryptYo - DOMOAuth2_ - IRAOAuth2.0 - SimpleWriter_ The NuGet packages were published to the repository between August 12 and 21, 2024, by a user named hamz

Sources: