Posts tagged advertorial

One In Two New Npm Packages Is SEO Spam Right Now

spam, SEO, virus, NPM, eyeball spikes, 2023, sandworm, advertorial, malicious intent

Out of the ~320k new npm packages or versions that Sandworm has scanned over the past week, at least ~185k were labeled as SEO spam. Just in the last hour as of writing this article, 1583 new e-book spam packages have been published.

All the identified spam packages are currently live on npmjs.com.

Here’s a breakdown of the main attacker profiles for the week’s worth of data we’re sampling in this article (22-29 Mar 2023)