Malicious Package in js-wha3

2020-09-03T23:12:48
ID GHSA-785G-GX74-GR39
Type github
Reporter GitHub Advisory Database
Modified 2020-09-03T23:12:48

Description

Version 0.8.0 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user.

Recommendation

Remove the package from your environment. Ensure no Ethereum funds were compromised.