This site may contain outdated or incomplete information.
HackTask
HackTask used typosquatting to register packages that had names similar to popular libraries on the npm registry. As a result, the attacker could steal developer credentials.
Impact
38 typosquatted JS packages were found on the npm repositories. These packages were downloaded at least 700 times during the two week period that the compromise spanned.
Type of compromise
A typosquat attack does not require compromising any type of infrastructure.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.