How an E-commerce Giant Avoided a Trojanized Dependency Attack

Attackers published a typosquatted, trojanized version of a core UI library to steal session cookies and payment information from a major e-commerce platform. Find out how Veracode’s upstream controls blocked the attack, preventing a massive data breach and protecting revenue.

Download the Case Study

Block Malicious Packages Pre-Download

At registry-level enforcement, Veracode Package Firewall halted the download of the malicious package using policy-based integrity checks and version reputation signals, stopping the attack before it started.

Deny Entry with Automated Protection

Veracode’s malicious package protection capabilities analyzed the dependency, mapping its embedded binary to known malware families and enforcing an automatic denial of the package while guiding developers to clean versions.

Accelerate Rollbacks and Audits

Veracode SCA identified where the typosquatted package was referenced, accelerated rollback with precise fix versions, and validated clean builds by exporting SBOMs for audit and commerce partner requirements.

Get started today

Eliminate the most risk with the least amount of effort

Contact Us

Get in touch and secure your software

Read More

Request a 

Live Demo

Schedule your demo

Read More

Veracode Blog

Learn from Veracode’s latest blogs

Read More