A widely used Node.js code library listed in NPM’s warehouse of repository has been infected to include crypto-coin-stealing malware.
This vandalism is a stark reminder of dangers associated with reliable and complex webs of dependencies in software. Without proper precautions taken throughout the whole chain, an app’s security can be broken by modifying any component.
The version 3.3.6 of Event- Stream that included flatmap-stream dependency was released on September 9 2018, and the malicious version of flatmap-stream appeared on October 5. The malicious library is known have seen nearly 8 million downloads since it was included in September 2018.
The payload has been sophisticatedly designed and is known to decrypt only when being run on a certain environment. The injected code executed successfully when a package used by Copay was in use. The code attempts to exploit the wallet and then connect to copayapi.host and to the IP address based in Kuala Lumpur, Malaysia.
Users affected by this malicious code are recommended to eliminate this malevolent package from their application and revert back to the previous version 3.3.4 of event-stream.
Users who deal with Bitcoin applications are advised to inspect for any unauthorized transactions in the last 3 months.
Sensitive user applications should undergo an inspection for any suspicious activity in the last three months.
Unmaintained code and transferring of code ownership pose potential problems. Hence organizations should lay down strict regulations to avoid any unforeseen circumstances in future.
The offending code has been removed from Event-Stream. It appears that the rogue developer pushed an update to version 4.0.1 two months ago without the malicious code.
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.