New Linux, macOS malware hidden in fake Browserify NPM package

Advisories

Discover Hacks/Cracks News

New Linux, macOS malware hidden in fake Browserify NPM package

New Linux, macOS malware hidden in fake Browserify NPM package

A new malicious package targeting NodeJS developers using Linux and macOS has been discovered hidden in a fake Browserify NPM package.

The malicious package is called "web-browserify," and imitates the popular Browserify npm component downloaded over 160 million times over its lifetime.

web-browserify is itself built by combining hundreds of legitimate open-source components, and performs extensive reconnaissance activities on an infected system.

Moreover, as of today, the ELF malware contained with the component has a zero detection rate by all leading antivirus engines.

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.