< BACK TO NEWS
negativeSYS.SOURCE: The Hacker News2026-07-14T12:38:36+05:30

148 Malicious npm Packages Exploited as Student Proxies to Create DDoS Botnet

148 malicious npm packages masquerading as student proxies were used to turn browsers into a DDoS botnet by exploiting WebSocket flood generators and remote code loaders. The campaign leveraged student traffic to attack educational institution servers while remaining undetected through obfuscation and mutable code delivery.

A campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for roughly two weeks in May, according to new research from JFrog.

The packages did not go after the developers who might install them. The operators used the registry as free hosting for a booby-trapped proxy site and let the students who came to dodge

Read original article

*** END OF TRANSMISSION ***