ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Open Source

Malicious npm proxies turned browsers into a short-lived DDoS botnet

Source headline: 148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet

Threat level High
Signal strength 78/100
Source confidence 1 source
Published 1 day ago

Intelligence Summary

A campaign using 148 npm packages disguised as student web proxies was linked to a browser-based DDoS botnet. The malicious packages abused visitors who loaded the proxy site hosted via the npm registry. The activity reportedly ran for about two weeks in May before being stopped. JFrog’s research indicates the packages were designed to disrupt end users rather than target the developers who published them. Users and organizations should review npm dependencies, pin versions, and monitor for suspicious proxy-related packages.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#supply-chain #npm #botnet #malicious-packages #ddos
Original reporting The Hacker News 148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
Open original source