Malicious Package in bwffer-xor

2020-09-03T22:46:25
ID GHSA-7QG7-6G3G-8VXG
Type github
Reporter GitHub Advisory Database
Modified 2020-09-03T22:46:25

Description

Version 2.0.2 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user.

Recommendation

Remove the package from your environment. Ensure no Ethereum funds were compromised.