NODE.JS PUSHES MALWARE #2

New node-ipc update deletes your hard drive if you have a Russian or Belarusian IP address. Pushed via GitHub and NPM (Node.js package manager).

They didn't troll Russians though; they ended up deleting evidence of Russian war crimes against Ukrainians, and leftist NGOs are going to have them arrested for terrorism.

github com/RIAEvangelist/node-ipc/issues/
reddit com/r/linux/comments/tg9zk1/the_authors_of_nodeipc_have_pushed_malware_in_an/

lulz to be had in the node-ipc github

FOSSfags on suicidewatch

previous thread:
CVE
nvd nist gov/vuln/detail/CVE-2022-23812

rip evidence of 30,000 war crimes that definitely existed

>definitely existed
If it ends up with that ginger faggot in jail, all the better.

incredible

fuck trannies and fuck npm

>Articles
theregister.com/2022/03/18/protestware_javascript_node_ipc/
bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/
>CVEs
security.snyk.io/vuln/SNYK-JS-NODEIPC-2426370
nvd.nist.gov/vuln/detail/CVE-2022-23812
>Repro/Breakdown
gist.github.com/MidSpike/f7ae3457420af78a54b38a31cc0c809c
>Twitter
twitter.com/electricCowboyR

>can't into using test or staging before moving shit into production
>not auditing what you pull in

got what they fucking deserved desu

I'm still trying to figure out if the async issues would actually allow the code to delete files on your PC or not.
Bit too lazy to run it in a VM tho.

>not auditing what you pull in
The node-ipc package didn't have much of an update to be audited for. What happened here was the dev created the malware package, then went back to node-ipc and included the malware as a dependency in order for node-ipc to run, then force-pushed an update. Even if audited, it was obfuscated by the dev in an attempt to actively hide it. On top of this, node-ipc is very heavily used, even by large companies and programs like Unity; because of this, Unity actually ended up directly installing this malware into its own users' computers.
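
The last post describes the payload arriving as a newly added dependency of node-ipc, so the package's own diff showed little. As an added example (not from the thread or the node-ipc project), this compares two `package-lock.json` snapshots and reports packages that appear for the first time and which package pulls them in. It assumes the lockfile v2/v3 `packages` layout; the package names other than node-ipc and all version numbers are constructed placeholders.

```javascript
'use strict';

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function pkgName(path) {
  return path.slice(path.lastIndexOf('node_modules/') + 'node_modules/'.length);
}

// name -> sorted list of installed versions, from a v2/v3 lockfile object.
function inventory(lock) {
  const inv = new Map();
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // root project entry, not an installed package
    const name = pkgName(path);
    inv.set(name, [...(inv.get(name) || []), meta.version].sort());
  }
  return inv;
}

// added:  packages absent before the update, with the packages that declare them.
// bumped: packages whose installed version(s) changed.
function diffLocks(oldLock, newLock) {
  const before = inventory(oldLock);
  const after = inventory(newLock);
  const added = [];
  const bumped = [];
  for (const [name, versions] of after) {
    if (!before.has(name)) {
      const requiredBy = Object.entries(newLock.packages)
        .filter(([, m]) => m.dependencies && name in m.dependencies)
        .map(([p, m]) => (p === '' ? '(root)' : `${pkgName(p)}@${m.version}`));
      added.push({ name, versions, requiredBy });
    } else if (before.get(name).join() !== versions.join()) {
      bumped.push({ name, from: before.get(name), to: versions });
    }
  }
  return { added, bumped };
}

// Constructed lockfiles: versions and helper package names are placeholders.
const OLD_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'demo-app', version: '1.0.0', dependencies: { 'node-ipc': '^1.0.0' } },
  'node_modules/node-ipc': { version: '1.0.0', dependencies: { 'helper-a': '^2.0.0' } },
  'node_modules/helper-a': { version: '2.0.0' } } };
const NEW_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'demo-app', version: '1.0.0', dependencies: { 'node-ipc': '^1.0.0' } },
  'node_modules/node-ipc': { version: '1.0.1',
    dependencies: { 'helper-a': '^2.0.0', 'example-new-dep': '^0.1.0' } },
  'node_modules/helper-a': { version: '2.0.0' },
  'node_modules/example-new-dep': { version: '0.1.0' } } };

console.log(JSON.stringify(diffLocks(OLD_LOCK, NEW_LOCK), null, 2));
```

A patch-level bump that drags in a brand-new transitive package is the signal to review before the lockfile change is merged.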