Researchers Spot New Shai Hulud Variant www.databreachtoday.com/researche…
Hackers behind the Shai Hulud malicious npm JavaScript campaign are likely testing a new variant of the malware.
Security researchers at Aikido on Sunday uncovered an apparently new Shai Hulud variant uploaded to npm through a GitHub repository called @vietmoney/react-big-calendar.
Shai Hulud is the moniker for a campaign of self-propagating attacks on the npm JavaScript repository by hackers who appear to have taken inspiration from the giant worms—necessary for spice production on the desert planet Arrakis—in the science-fiction series Dune. Attackers named GitHub repositories receiving stolen data “Shai Hulud,” after the in-universe term for the giant worms.
“There does not seem to be any major spread or infections,” Aikido researcher Charlie Eriksen said about the latest variant. “This suggests we may have caught the attackers testing their payload.”
