Threat Analysis: Malicious NPM Package Leveraged in O365 Phishing Attack | Fortra
WHITE Aaryanaggarwal 2025-05-21 Modified: 2025-05-21
Fortra's Suspicious Email Analysis team identified a novel and sophisticated phishing attack targeting Microsoft O365 users in April 2025; the team also identified a malicious package hosted in an open-source library.
Indicators of Compromise (10)