Skip to content
BagelTechNews

BagelTechNews

Information baked in

Primary Menu
  • Home
  • Tech Headlines
  • Social Media News
  • Software & Gaming
  • About Us
  • Contact Us
  • Home
  • Latest
  • 17 NPM packages found infected with malware

17 NPM packages found infected with malware

3 min read
134

Malware infection reports are on the rise, but it’s not all doom and gloom. As such a wide range of software is now vulnerable to attacks, some have arrived at the conclusion that developers should just stop using NPM packages altogether.

The “npm malicious packages” is a problem that has been present for a while. A recent study found 17 NPM packages to be infected with malware.

In the open-source NPM repository, seventeen malware packages were discovered. The majority of these programs steal passwords or Discord tokens, with some even taking credit card information linked to stolen Discord accounts. Botnets may utilize compromised Discord servers as a command and control channel, or as a proxy for obtaining data from hacked servers.

JFrog researchers Andrey Polkovnychenko and Shachar Menashe identified the packages in a study released on Wednesday. The malicious packages were quickly deleted after being notified to NPM code maintainers. The packages had not accumulated up a substantial number of downloads previous to exposure, according to NPM logs.

Python’s PyPi repository was compromised with crypto mining malware in June of this year. The NPM libraries UAParser.js and Pac-Resolver were also compromised and downloaded millions of times by unwitting developers. 

In the News: A Cybercourt for Cybercriminals has been established on the Dark Web.


In recent years, NPM infection attacks have become more common. It’s ripe for an assault. Millions of developers trust the NPM package library, making it simple for threat actors to sneak corrupted packages that transmit malicious payloads through a trusted service. 

Information stealers to complete remote access backdoors are among the payloads. Different infection techniques are also used by the packages, including typosquatting, dependency confusion, and trojan functionality.

Here’s a list of all the NPM packages that are impacted.

Package Version Payload Method of Infection
prerequests-xcode 1.0.4 Trojan Horse for Remote Access Unknown
discord-selfbot-v14 12.0.3 Grabber of Discord tokens Trojan Horse/Typosquatting (discord.js)
discord-lofy 11.5.1 Grabber of Discord tokens Trojan Horse/Typosquatting (discord.js)
discordsystem 11.5.1 Grabber of Discord tokens Trojan Horse/Typosquatting (discord.js)
discord-vilao 1.0.0 Grabber of Discord tokens Trojan Horse/Typosquatting (discord.js)
fix-error 1.0.0 PirateStealer is a fictional character (Discord malware) Trojan
wafer-bind 1.1.2 Stealer of environmental variables Wafer-* typosquatting
wafer-toggle 1.15.4 Stealer of environmental variables Wafer-* typosquatting
wafer-autocomplete 1.25.0 Stealer of environmental variables Wafer-* typosquatting
wafer-beacon 1.3.3 Stealer of environmental variables Wafer-* typosquatting
wafer-caas 1.14.20 Stealer of environmental variables Wafer-* typosquatting
wafer-geolocation 1.2.10 Stealer of environmental variables Wafer-* typosquatting
wafer-image 1.2.2 Stealer of environmental variables Wafer-* typosquatting
wafer-form 1.30.1 Stealer of environmental variables Wafer-* typosquatting
wafer-lightbox 1.5.4 Stealer of environmental variables Wafer-* typosquatting
octavius-public 1.836.609 Stealer of environmental variables Wafer-* typosquatting
mrg-message-broker 9998.987.376 Stealer of environmental variables Dependency ambiguity

Malware that steals Discord tokens is also on the increase, and for a variety of reasons. Discord servers, for example, may be used to operate a remote access trojan or even an entire botnet from an anonymous command and control server. Using webhooks, Discord may potentially be used as an anonymous data exfiltration conduit.

Hacked Discord accounts may also be used to propagate malware to the account owner’s friends, which is a somewhat successful technique of swiftly infecting a large number of PCs.

Finally, Discord offers a premium service known as ‘Nitro.’ The service costs about $100 per year and gives the customer aesthetic enhancements as well as the opportunity to ‘boost’ their preferred servers. Premium accounts are often hacked and sold for a fraction of the membership amount. 

On Facebook, Meta announces a month-long “Stars Fest.”

When he’s not writing/editing/shooting/hosting all things tech, he streams himself racing virtual vehicles. Yadullah may be reached at [email protected], or you can follow him on Instagram or Twitter.

Watch This Video-

The “cyber attack discord may 27, 2021” is a problem that has been present for a while. 17 NPM packages were found to be infected with malware.

Related Tags

  • bitcoin stealing malware
  • discord steal
  • discord malware
  • what is npm
  • discord vulnerabilities 2021

Continue Reading

Previous: How to Convert Youtube to MP4 iPhone
Next: How to use gaming mouse buttons?

Trending Now

Griffin Gaming Partners is committed to supporting the growth of the Turkish mobile gaming industry istanbulbased spyke griffin turkishlundentechcrunch 1

Griffin Gaming Partners is committed to supporting the growth of the Turkish mobile gaming industry

March 24, 2023
Turkey’s Spyke raises $55M in a seed round istanbulbased spyke partners turkishlundentechcrunch 2

Turkey’s Spyke raises $55M in a seed round

March 24, 2023
The $55 million seed round is a record-breaking amount for a social mobile gaming company spyke griffin gaming partners turkishlundentechcrunch 3

The $55 million seed round is a record-breaking amount for a social mobile gaming company

March 24, 2023
How much money is Navi raising in its IPO? flipkart sachin bansal navi ipo 440msinghtechcrunch 4

How much money is Navi raising in its IPO?

March 24, 2023
Flipkart founder’s Navi raises $440 million in Series B funding sachin bansal ipo india 440msinghtechcrunch 5

Flipkart founder’s Navi raises $440 million in Series B funding

March 24, 2023
PayMongo has raised a total of $12M in funding to date philippinesbased paymongo 12m series september stripeshutechcrunch 6

PayMongo has raised a total of $12M in funding to date

March 24, 2023

Related Stories

Who is Bedoya? bedoya commission democratickelly theverge
12 min read

Who is Bedoya?

84
How the FTC can fix the data privacy ‘crisis’ senate trade commission democratickelly theverge
12 min read

How the FTC can fix the data privacy ‘crisis’

59
The Graph Foundation’s mission and goals foundation 50m tiger global graphossingerbloomberg
8 min read

The Graph Foundation’s mission and goals

62
The Graph Foundation is committed to building an open, decentralized future graph foundation 50m global graphossingerbloomberg
9 min read

The Graph Foundation is committed to building an open, decentralized future

66
The Graph Foundation is one of the latest organizations to receive funding from Tiger Global graph foundation tiger global the graphossingerbloomberg
8 min read

The Graph Foundation is one of the latest organizations to receive funding from Tiger Global

54
The Reliable Nicolás Lapentti
2 min read

The Reliable Nicolás Lapentti

73
  • T&C
  • Privacy Policy
  • Contact Us
Copyright © All rights reserved For BagelTechNews.com