Ransomware, Malware, Threat Management, Threat Intelligence

More sophisticated Shai Hulud malware emerges

Privacy concept: pixelated words Malware on digital background, 3d render

Operators of the Shai Hulud malware that compromised thousands of developer environments have been testing yet another variant of the worm dubbed "The Golden Path," which has been integrated into the npm package "@vietmoney/react-big-calendar," reports The Cyber Express.

Apart from exfiltrating data to GitHub repositories with the new "Goldox-T3chs: Only Happy Girl" description, Shai Hulud's The Golden Path variant has been imbued with cross-platform publishing features, as well as updated file nomenclature and enhanced TruffleHog error management to ensure more reliable "smash-and-grab" operations, according to Aikido researchers.

"The differences in the code suggest that this was obfuscated again from original source, not modified in place. This makes it highly unlikely to be a copy-cat, but was made by somebody who had access to the original source code for the worm," said researchers, who advised organizations to not only implement stringent lockfile integrity and Trusted Publishing but also leverage tools that prevent unvetted release installations.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds