Hackers have once again launched a supply chain attack targeting software developers, as cybersecurity researchers from Phylum recently discovered a new campaign distributing malicious libraries impersonating jQuery on various code repositories. These libraries were designed to simplify client-side scripting of HTML, making it easier for developers to write JavaScript code with features like event handling, animations, and Ajax interactions.
According to Phylum, the attackers cleverly hid malware within the ‘end’ function of jQuery, which is called by the popular ‘fadeTo’ function from its animation utilities. A total of 68 packages were identified, with names like cdnjquery, footersicons, jquertyi, and logoo, among others, published between late May and late June this year.
Unlike previous automated campaigns targeting developers, this attack appears to be fully manual, as it does not follow the usual patterns in naming packages and upload dates. While PyPI, GitHub, and npm are frequently targeted repositories, PyPI had to suspend new account and project creations to prevent the upload of malicious packages, and GitHub experienced a similar issue in late February with millions of repositories capable of stealing sensitive information.
This incident highlights the ongoing threat posed by hackers using weaponized packages to infiltrate systems and compromise data. It is essential for developers to remain vigilant and take necessary precautions to protect their websites and applications from such attacks.
Sead, a freelance journalist based in Sarajevo, Bosnia and Herzegovina, specializes in writing about IT, cloud services, IoT, 5G, VPN, and cybersecurity topics such as ransomware, data breaches, and regulations. With over a decade of experience in journalism, including contributions to outlets like Al Jazeera Balkans, Sead is well-versed in providing insights on emerging technologies and security threats.
In today’s digital landscape, safeguarding your website and applications against cyber threats is more critical than ever. By staying informed about potential risks and implementing robust security measures, developers can help prevent malicious attacks and ensure the integrity of their online platforms. Remember to regularly update software, use secure coding practices, and monitor for any suspicious activity to keep your digital assets safe from cybercriminals.
