alphaspirit - Fotolia
Typosquatting is a variant of cybersquatting where the typosquatter registers potential input errors for common URL searches in the hopes that an individual will incorrectly type their desired URL into the search bar. The typosquatter will then monitor how many clicks their typo receives and, if it has a high volume of traffic, they will sell that information. Typosquatting can bring in advertising revenue by selling ads to the original site's competition or via redirect pages from the typo.
NPM (node package manager) disclosed that malicious software was published through its code repository using typosquatting. NPM said the malicious software was detected because software using the malicious library reached out to a malicious website where additional functionality was available for download.
However, in the incident NPM disclosed, the attacker used typosquatting to post code that resembled legitimate software names under project names on the NPM registry. Since this is a general typosquatting attack, it could be found in other software development environments.
This general typosquatting attack can be detrimental to developers who want to find a software project in the NPM registry. The developer might have two or more similarly named projects to search or choose from and, if they choose incorrectly, malicious libraries could be included. This is an easy way to attack software developers because it is sometimes difficult to identify which library or software to use when you are just looking at the title of an application or tool.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Emerging cyberattacks and threats
Related Q&A from Nick Lewis
Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been... Continue Reading
A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it... Continue Reading
Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.