Three compromised versions of the node-ipc library, crucial for Node.js environments, have been identified, posing a significant threat to crypto developers. Security firm SlowMist reported on May 14 that versions 9.1.6, 9.2.3, and 12.0.1 of node-ipc were maliciously altered to steal over 90 types of credentials, including AWS keys and .env files. The package sees over 822,000 weekly npm downloads.
The attack exploits a dormant maintainer account: by re-registering an expired email domain, the attacker gained publish access. The malicious payload, embedded in the CommonJS bundle, activates automatically and exfiltrates data via DNS tunneling. Developers are urged to audit their projects for these versions and revert to clean releases to mitigate credential theft risks.
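One way to carry out the audit described above, as an added example rather than code from SlowMist or the node-ipc project: it scans a parsed package-lock.json for the three listed versions, including nested and aliased installs. The sample lockfiles and every package name other than node-ipc are constructed for illustration.

```javascript
// Versions the article names as compromised.
const BAD_VERSIONS = new Set(['9.1.6', '9.2.3', '12.0.1']);
const PKG = 'node-ipc';

// List every node-ipc install in a parsed package-lock.json. Handles
// lockfileVersion 1 (nested "dependencies") and 2/3 (flat "packages").
function findNodeIpc(lock) {
  const hits = [];
  const record = (path, version) =>
    hits.push({ path, version, compromised: BAD_VERSIONS.has(version) });
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      // "name" is set when the folder is an alias; otherwise the name is
      // whatever follows the last "node_modules/" in the key.
      const name = meta.name || path.split('node_modules/').pop();
      if (name === PKG && meta.version) record(path, meta.version);
    }
    return hits;
  }
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${trail}node_modules/${name}`;
      if (name === PKG && meta.version) record(path, meta.version);
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, '');
  return hits;
}

// Constructed sample lockfiles; "demo-app", "some-cli", "ipc-alias" are made up.
const SAMPLE_V3 = { lockfileVersion: 3, packages: {
  '': { name: 'demo-app', version: '1.0.0' },
  'node_modules/node-ipc': { version: '9.2.1' },
  'node_modules/some-cli/node_modules/node-ipc': { version: '9.2.3' },
  'node_modules/ipc-alias': { name: 'node-ipc', version: '12.0.1' },
} };
const SAMPLE_V1 = { lockfileVersion: 1, dependencies: {
  'some-cli': { version: '2.0.0',
    dependencies: { 'node-ipc': { version: '9.1.6' } } },
} };

for (const h of [...findNodeIpc(SAMPLE_V3), ...findNodeIpc(SAMPLE_V1)]) {
  console.log(`${h.compromised ? 'COMPROMISED' : 'not listed'}  ${h.version}  ${h.path}`);
}
```

To check a real project, pass the function the result of `JSON.parse` on the contents of its `package-lock.json`.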
Malicious Node-ipc Versions Compromise 822K Weekly Downloads, Steal AWS Keys
