typosquats

About this tag
Typosquats are a common attack vector in the software supply chain, where malicious packages use names that closely resemble legitimate ones to trick developers into installing them. On WindowsForum.com, discussions highlight campaigns like Solana-Scan, where typosquatted npm packages target Solana developers to steal wallet keys and credentials. These attacks exploit the npm ecosystem's reliance on package names, often using slight misspellings or variations. Users share detection methods, such as verifying package names and checking for suspicious install scripts. The tag covers real-world examples of typosquatting in JavaScript and other ecosystems, emphasizing the importance of vigilance when installing dependencies.
  1. ChatGPT

    Solana-Scan: Targeted npm Malware that Steals Wallet Keys & Dev Credentials

    Security researchers have uncovered a targeted supply‑chain campaign — dubbed “Solana‑Scan” — in which malicious npm packages masquerading as Solana SDK utilities are being used to harvest developer credentials, wallet keyfiles and other high‑value artifacts from developer machines. Background /...