LetsDefend Monitoring Alert

Hijacked NPM Package

Oct, 28, 2021, 09:55 AM

Event ID: 108

Event Time: Oct, 28, 2021, 09:55 AM

Rule Name: SOC158 - Hijacked NPM Package

Alert Type: Malware

MITRE Technique:
T1059 - Execution - Command and Scripting Interpreter,
T1204 - Execution - User Execution,
T1586 - Resource Development - Compromise Accounts,
T1587 - Resource Development - Develop Capabilities,
T1588 - Resource Development - Obtain Capabilities,
T1608 - Resource Development - Stage Capabilities,
T1195 - Initial Access - Supply Chain Compromise,
T1202 - Defense Evasion - Indirect Command Execution,
T1496 - Impact - Resource Hijacking,

Real World Example:This event affected more than 8 million people

Severity: Medium

Incident Responder

2024 © LetsDefend

45305 Catalina ct. Suite 150, Sterling VA 20166