News for Admins

Tech News

Malware Discovered in npm Registry

If you work with npm, you should be aware of a piece of malware called web-browserify. This malicious package imitates the official Browserify component, which uses a node-style require() to organize browser code and load modules installed by npm.

This malware, which falls under the label "brandjacking," borrows the Browserify name because of that component's massive popularity (over 1.3 million weekly downloads via npm).

As soon as web-browserify is installed, it launches its payload and targets Node.js developers. This package was only about 27MB in size and included one version (1.0.0). Within the package is a postinstall.js file that extracts an archive named run.tar.xz, which includes an ELF binary named run (the actual malicious payload).

Very soon after it was discovered, web-browserify was taken down from the npm repository. That doesn't mean, however, that it hasn't been mistakenly installed. To find out if web-browserify was installed on your system, issue the command npm list. If you find the package installed, remove it with the command npm uninstall web-browserify. However, even if you remove the package, the malicious code has probably already been launched, and you'll need to take other measures.
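The check described above covers one project at a time. The following added example (not from the article or from Sonatype) sweeps a whole directory tree for installed copies of the package, the files the article names inside it, and manifests or lockfiles that reference it. The function names, the sample tree, and the assumption of npm's usual node_modules and package-lock.json layout are this example's own.

```shell
#!/bin/sh
# Added example: sweep a directory tree for traces of web-browserify.
# Package and artifact names are from the article; the layout checks assume
# npm's usual node_modules and lockfile conventions.
PKG="web-browserify"

# Prints one finding per line: "<kind> <path>"
scan_for_pkg() {
    root="$1"
    # 1. Installed copies at any depth, including nested dependencies
    find "$root" -type d -path "*/node_modules/$PKG" 2>/dev/null |
    while IFS= read -r dir; do
        echo "installed $dir"
        # Files the article names inside the package
        for f in postinstall.js run.tar.xz run; do
            if [ -e "$dir/$f" ]; then echo "artifact $dir/$f"; fi
        done
    done
    # 2. Manifests and lockfiles that reference the exact package name
    find "$root" -type f \( -name package.json -o -name package-lock.json \) \
        ! -path "*/node_modules/$PKG/*" 2>/dev/null |
    while IFS= read -r manifest; do
        if grep -qF -e "\"$PKG\"" -e "node_modules/$PKG\"" "$manifest"; then
            echo "referenced $manifest"
        fi
    done
}

# Constructed sample tree: one clean project, one that pulled in the package
make_sample() {
    t=$(mktemp -d)
    mkdir -p "$t/clean" "$t/app/node_modules/$PKG"
    echo '{"dependencies":{"browserify":"^17.0.0"}}' > "$t/clean/package.json"
    echo '{"dependencies":{"web-browserify":"1.0.0"}}' > "$t/app/package.json"
    echo '{"packages":{"node_modules/web-browserify":{"version":"1.0.0"}}}' \
        > "$t/app/package-lock.json"
    echo '{"name":"web-browserify"}' > "$t/app/node_modules/$PKG/package.json"
    : > "$t/app/node_modules/$PKG/postinstall.js"   # empty placeholder file
    echo "$t"
}

if [ "$#" -gt 0 ]; then
    scan_for_pkg "$1"          # scan a real directory passed as an argument
else
    sample=$(make_sample); scan_for_pkg "$sample"; rm -rf "$sample"
fi
```

A "referenced" line without a matching "installed" line means the package was requested but is no longer on disk, which does not show whether its postinstall step ran earlier.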

To find out more about web-browserify, check out Sonatype's blog (https://blog.sonatype.com/damaging-linux-mac-malware-bundled-within-browserify-npm-brandjack-attempt) about the discovery.
