Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat.
The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down.
ReversingLabs, which broke
The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down.
ReversingLabs, which broke
React to this headline: