In June 2023, Phylum was the first to unearth a series of suspicious npm publications belonging to what appeared to be a highly targeted attack. The identified packages, published in pairs, required installation in a specific sequence, subsequently retrieving a token that facilitated the download of a final malicious payload
My heart goes out to the DPRK on it’s little crusade against crypto bros and finding methods to fight the USA itself.