Lucene search

K
nodejsMicrosoft Vulnerability ResearchNODEJS:1249
HistoryOct 25, 2019 - 5:53 p.m.

Malicious Package

2019-10-2517:53:55
Microsoft Vulnerability Research
www.npmjs.com
9

Overview

Version 2.0.2 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user.

Recommendation

Remove the package from your environment. Ensure no Ethereum funds were compromised.

References

GitHub Advisory