LetsDefend Monitoring Alert
Hijacked NPM Package
Oct, 28, 2021, 09:55 AM
Event ID: 108
Event Time: Oct, 28, 2021, 09:55 AM
Rule Name: SOC158 - Hijacked NPM Package
Alert Type: Malware
MITRE Technique:
T1059 - Execution - Command and Scripting Interpreter,
T1204 - Execution - User Execution,
T1586 - Resource Development - Compromise Accounts,
T1587 - Resource Development - Develop Capabilities,
T1588 - Resource Development - Obtain Capabilities,
T1608 - Resource Development - Stage Capabilities,
T1195 - Initial Access - Supply Chain Compromise,
T1202 - Defense Evasion - Indirect Command Execution,
T1496 - Impact - Resource Hijacking,
Real World Example:⭐ This event affected more than 8 million people
Severity: Medium
Incident Responder