According to the npm security team, the package leaks sensitive information through its install scripts, and does so only on UNIX systems.
The types of data it collects include:
Running processes
/etc/hosts
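Because the collection happens in install scripts, a dependency tree can be audited for them before anything runs. The following is an added example, not code from the npm security team or the package: it checks parsed package.json objects for npm's install-time hooks and flags commands that touch the data types listed above. The pattern list and the sample manifests are constructed for illustration.

```javascript
// Added example: audit package manifests for install-time lifecycle scripts.
// npm runs these hooks automatically during `npm install`.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Heuristic patterns (assumptions for this example) for the data types the
// article lists: the running process list and /etc/hosts.
const SUSPICIOUS = [
  { label: 'lists running processes', re: /\bps\b/ },
  { label: 'reads /etc/hosts', re: /\/etc\/hosts/ },
];

// Returns one finding per install-time hook declared by the manifest.
function auditManifest(manifest) {
  const scripts = manifest.scripts || {};
  const findings = [];
  for (const hook of INSTALL_HOOKS) {
    const cmd = scripts[hook];
    if (typeof cmd !== 'string') continue;
    const reasons = SUSPICIOUS.filter((p) => p.re.test(cmd)).map((p) => p.label);
    // A hook that only calls another file (e.g. `node setup.js`) cannot be
    // judged from the manifest, so it is still reported for manual review.
    const severity = reasons.length ? 'review-now' : 'has-install-script';
    findings.push({ name: manifest.name, hook, cmd, reasons, severity });
  }
  return findings;
}

function auditAll(manifests) {
  return manifests.flatMap(auditManifest);
}

// Constructed sample manifests (not real packages).
const SAMPLES = [
  { name: 'constructed-clean', scripts: { test: 'node test.js' } },
  { name: 'constructed-native', scripts: { install: 'node-gyp rebuild' } },
  { name: 'constructed-leaky', scripts: { postinstall: 'ps aux; cat /etc/hosts' } },
];

for (const f of auditAll(SAMPLES)) {
  console.log(`${f.severity}\t${f.name}\t${f.hook}: ${f.cmd}`);
}
```

In practice the input would be each `node_modules/*/package.json` parsed with `JSON.parse`; installing with `npm install --ignore-scripts` keeps these hooks from running at all while the findings are reviewed.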
In fact, this is the sixth time a malicious package has made it into the npm repository index. The previous five were:
June 2019 – Hackers backdoor the electronic local notification library to insert malicious code that reaches the Agama cryptocurrency wallet.
November 2018 – A hacker uses the event-stream npm package to load malicious code inside the BitPay Copay desktop and mobile wallet applications and steal cryptocurrencies.
July 2018 – Hackers compromise the ESLint library with malicious code designed to steal npm credentials from other developers.
May 2018 – Hackers try to hide a backdoor in a popular npm package called getcookies.