Newly Found npm Malware Mines Cryptocurrency on Windows, Linux, macOS Devices

Multiple malicious packages have been identified on the npm registry this month. These packages disguise themselves as legitimate JavaScript libraries, but have been caught launching cryptominers on Linux, Windows and macOS machines.

The malicious packages are:

  • okhsa
  • klow
  • klown

The “klow” and “klown” packages have been tracked under Sonatype-2021-1472, whereas “okhsa” has been cataloged under Sonatype-2021-1473.

Different versions of the “okhsa” package largely contain skeleton code that launches the Calculator app on Windows machines pre-installation. In addition, these versions contain either the “klow” or the “klown” npm package as a dependency, and that dependency is malicious.
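Because the miner arrives as a dependency of “okhsa”, a check of the resolved dependency tree is more reliable than a check of package.json alone. The following is an added example, not code from the original article or from Sonatype: it scans a parsed package-lock.json (assumed to use the standard v1 tree or v2/v3 `packages` map) for the three names above and reports which package declares each one. The sample lockfile is constructed.

```javascript
// Package names taken from the advisory text above.
const FLAGGED = new Set(["okhsa", "klow", "klown"]);

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"; "" (root project) -> "".
const nameFromPath = (p) => p.split("node_modules/").pop();

// Flatten a parsed package-lock.json into { name, version, location, declares }.
function entries(lock) {
  const out = [];
  if (lock.packages) { // lockfileVersion 2 and 3: flat map keyed by install path
    for (const [path, m] of Object.entries(lock.packages)) {
      const declared = { ...m.dependencies, ...m.optionalDependencies, ...m.devDependencies };
      out.push({ name: nameFromPath(path) || "(root project)", version: m.version,
                 location: path || ".", declares: Object.keys(declared) });
    }
    return out;
  }
  const walk = (deps, prefix) => { // lockfileVersion 1: nested "dependencies" tree
    for (const [name, m] of Object.entries(deps || {})) {
      const location = prefix + "node_modules/" + name;
      out.push({ name, version: m.version, location, declares: Object.keys(m.requires || {}) });
      walk(m.dependencies, location + "/");
    }
  };
  walk(lock.dependencies, "");
  return out;
}

// Every flagged package in the lockfile, with the packages that declare it.
// requiredBy is matched by name only, which is enough to find what to remove.
function findFlagged(lock) {
  const all = entries(lock);
  return all.filter((e) => FLAGGED.has(e.name)).map((e) => ({
    name: e.name, version: e.version, location: e.location,
    requiredBy: all.filter((p) => p.declares.includes(e.name)).map((p) => p.name),
  }));
}

// Constructed sample (lockfileVersion 3); "demo-app", "example-lib" and all
// versions are placeholders. For a real project, pass its parsed package-lock.json.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { okhsa: "*", "example-lib": "*" } },
    "node_modules/example-lib": { version: "0.0.0" },
    "node_modules/okhsa": { version: "0.0.0", dependencies: { klown: "*" } },
    "node_modules/klown": { version: "0.0.0" },
  },
};
console.log(JSON.stringify(findFlagged(SAMPLE_LOCK), null, 2));
```

An empty result means none of the three names appear anywhere in the resolved tree; a hit whose `requiredBy` is not the root project was pulled in transitively.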

 

 
