Cloud Threat Landscape
  • Incidents
  • Actors
  • Techniques
  • Defenses
  • Tools
  • Targeted Technologies
  • Posters & Newspapers
  • About
  • RSS
  • STIX
  • Back to wiz.io

Made with 💙 by Wiz

Last Updated: April 3, 2025

Cloud Threat Landscape
/Incidents
Incidents
/
UNC3379 npm supply chain attacks

UNC3379 npm supply chain attacks

Type
Campaign
Actors
💡UNC3379
Pub. date
December 15, 2021
Initial access
Unknown
Impact
Resource hijackingSupply chain attack
Observed techniques
Supply Chain Compromise
References
https://cloud.google.com/blog/topics/threat-intelligence/supply-chain-node-js/https://github.com/veged/coa/issues/99https://github.com/faisalman/ua-parser-js/issues/536
Status
Stub
Last edited
Oct 8, 2025 1:50 PM

Mandiant has attributed supply chain attacks which compromised ua-parser-js , coa, and rc to UNC3379. The malicious packages would download and execute both a Monero cryptocurrency miner, and the DANABOT banking trojan, depending on the OS.