In a classic case of typosquatting intended to fool inattentive users, the fake packages had names that differed only slightly from those of genuine packages offered by npm. "The package naming was both deliberate and malicious – the intent was to collect useful data from tricked users," npm explained in a blog post.
According to npm, a user with the handle "hacktask" published the malicious libraries on July 19, including two that mimicked the popular "cross-env," which between them were downloaded nearly 700 times before they were removed on Aug. 1. Fortunately, only about 50 of these downloads appear to be genuine installations by real users, while the rest came from registry mirrors that automatically downloaded copies, npm explained.