Malicious Package

2019-10-25T17:54:25
ID NODEJS:1267
Type nodejs
Reporter Microsoft Vulnerability Research
Modified 2019-10-25T17:54:25

Description

Overview

Version 2.0.2 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user.

Recommendation

Remove the package from your environment. Ensure no Ethereum funds were compromised.