Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nodejsVladimir TikhonovNODEJS:763
HistoryJan 09, 2019 - 10:00 p.m.

Malicious Package

2019-01-0922:00:16
Vladimir Tikhonov
www.npmjs.com
4
JSON

Overview

All versions of commander-js are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads an arbitrary file and executes its contents as a post-install script.

Recommendation

This package is not available on the npm Registry anymore. If you happen to find this package in your environment you should consider the system it was installed on compromised and assess if further response (such as rotating all credentials found on the compromised machine) is necessary.

References

GitHub Advisory

CPENameOperatorVersion
commander-jseq*
JSON