Skip to content
BagelTechNews

BagelTechNews

Information baked in

Primary Menu
  • Home
  • Tech Headlines
  • Social Media News
  • Software & Gaming
  • Contact Us
  • Home
  • Latest
  • 17 NPM packages found infected with malware

17 NPM packages found infected with malware

3 min read
37

Malware infection reports are on the rise, but it’s not all doom and gloom. As such a wide range of software is now vulnerable to attacks, some have arrived at the conclusion that developers should just stop using NPM packages altogether.

The “npm malicious packages” is a problem that has been present for a while. A recent study found 17 NPM packages to be infected with malware.

In the open-source NPM repository, seventeen malware packages were discovered. The majority of these programs steal passwords or Discord tokens, with some even taking credit card information linked to stolen Discord accounts. Botnets may utilize compromised Discord servers as a command and control channel, or as a proxy for obtaining data from hacked servers.

JFrog researchers Andrey Polkovnychenko and Shachar Menashe identified the packages in a study released on Wednesday. The malicious packages were quickly deleted after being notified to NPM code maintainers. The packages had not accumulated up a substantial number of downloads previous to exposure, according to NPM logs.

Python’s PyPi repository was compromised with crypto mining malware in June of this year. The NPM libraries UAParser.js and Pac-Resolver were also compromised and downloaded millions of times by unwitting developers. 

In the News: A Cybercourt for Cybercriminals has been established on the Dark Web.


In recent years, NPM infection attacks have become more common. It’s ripe for an assault. Millions of developers trust the NPM package library, making it simple for threat actors to sneak corrupted packages that transmit malicious payloads through a trusted service. 

Information stealers to complete remote access backdoors are among the payloads. Different infection techniques are also used by the packages, including typosquatting, dependency confusion, and trojan functionality.

Here’s a list of all the NPM packages that are impacted.

Package Version Payload Method of Infection
prerequests-xcode 1.0.4 Trojan Horse for Remote Access Unknown
discord-selfbot-v14 12.0.3 Grabber of Discord tokens Trojan Horse/Typosquatting (discord.js)
discord-lofy 11.5.1 Grabber of Discord tokens Trojan Horse/Typosquatting (discord.js)
discordsystem 11.5.1 Grabber of Discord tokens Trojan Horse/Typosquatting (discord.js)
discord-vilao 1.0.0 Grabber of Discord tokens Trojan Horse/Typosquatting (discord.js)
fix-error 1.0.0 PirateStealer is a fictional character (Discord malware) Trojan
wafer-bind 1.1.2 Stealer of environmental variables Wafer-* typosquatting
wafer-toggle 1.15.4 Stealer of environmental variables Wafer-* typosquatting
wafer-autocomplete 1.25.0 Stealer of environmental variables Wafer-* typosquatting
wafer-beacon 1.3.3 Stealer of environmental variables Wafer-* typosquatting
wafer-caas 1.14.20 Stealer of environmental variables Wafer-* typosquatting
wafer-geolocation 1.2.10 Stealer of environmental variables Wafer-* typosquatting
wafer-image 1.2.2 Stealer of environmental variables Wafer-* typosquatting
wafer-form 1.30.1 Stealer of environmental variables Wafer-* typosquatting
wafer-lightbox 1.5.4 Stealer of environmental variables Wafer-* typosquatting
octavius-public 1.836.609 Stealer of environmental variables Wafer-* typosquatting
mrg-message-broker 9998.987.376 Stealer of environmental variables Dependency ambiguity

Malware that steals Discord tokens is also on the increase, and for a variety of reasons. Discord servers, for example, may be used to operate a remote access trojan or even an entire botnet from an anonymous command and control server. Using webhooks, Discord may potentially be used as an anonymous data exfiltration conduit.

Hacked Discord accounts may also be used to propagate malware to the account owner’s friends, which is a somewhat successful technique of swiftly infecting a large number of PCs.

Finally, Discord offers a premium service known as ‘Nitro.’ The service costs about $100 per year and gives the customer aesthetic enhancements as well as the opportunity to ‘boost’ their preferred servers. Premium accounts are often hacked and sold for a fraction of the membership amount. 

On Facebook, Meta announces a month-long “Stars Fest.”

When he’s not writing/editing/shooting/hosting all things tech, he streams himself racing virtual vehicles. Yadullah may be reached at [email protected], or you can follow him on Instagram or Twitter.

Watch This Video-

The “cyber attack discord may 27, 2021” is a problem that has been present for a while. 17 NPM packages were found to be infected with malware.

Related Tags

  • bitcoin stealing malware
  • discord steal
  • discord malware
  • what is npm
  • discord vulnerabilities 2021

Continue Reading

Previous: How to Convert Youtube to MP4 iPhone
Next: How to use gaming mouse buttons?

Trending Now

Does OneDrive Slow Down Computer Performance 1

Does OneDrive Slow Down Computer Performance

January 28, 2023
Different Types of Online Casino Bonuses 2

Different Types of Online Casino Bonuses

January 24, 2023
How SkyHive’s Workforce Analytics Platform Can Help Businesses hive 85m 2bbrienventurebeat 3

How SkyHive’s Workforce Analytics Platform Can Help Businesses

January 20, 2023
Twitter’s New Font & Tricks for Making The Most of it twitter chirpfashingbauer coopercnet 4

Twitter’s New Font & Tricks for Making The Most of it

January 20, 2023
How to Use Yik Yak Responsibly? Everything You Need to Know About! yik us iosmarcinmashable 5

How to Use Yik Yak Responsibly? Everything You Need to Know About!

January 20, 2023
The Role of Government in Regulating Facial Recognition Technology clearview aclu usharwell washingtonpost 6

The Role of Government in Regulating Facial Recognition Technology

January 20, 2023

Related Stories

Different Types of Online Casino Bonuses
4 min read

Different Types of Online Casino Bonuses

17
How SkyHive’s Workforce Analytics Platform Can Help Businesses hive 85m 2bbrienventurebeat
10 min read

How SkyHive’s Workforce Analytics Platform Can Help Businesses

32
How ELSA Can Help you Become a Better English Speaker elsa english seriesleebloomberg
12 min read

How ELSA Can Help you Become a Better English Speaker

30
What Is Peacock Application?
3 min read

What Is Peacock Application?

35
Fix chakracore.dll is missing error in a few easy steps
6 min read

Fix chakracore.dll is missing error in a few easy steps

40
Best Ad Blockers for Android Smartphones | Ad Block Browsers
8 min read

Best Ad Blockers for Android Smartphones | Ad Block Browsers

52
  • T&C
  • Privacy Policy
  • Contact Us
Copyright © All rights reserved For BagelTechNews.com