Malicious NPM project steals Discord accounts, browser info
A heavily obfuscated and malicious NPM project is used to steal Discord user tokens and browser information from unsuspecting users.
Due to this open system, it is becoming common for malicious actors to upload malicious modules that steal data, download and execute programs, or perform other malicious behavior when used in other projects.
On August 25th, 2020, NPM removed a malicious package called "Fallguys" designed to steal Discord tokens and browser information from Google Chrome, Brave Browser, Opera, and Yandex Browser.
Today, open-source security firm Sonatype discovered another malicious module that steals browser information and Discord tokens called 'discord.
Sonatype researcher Ax Sharma told BleepingComputer that it is common for malicious NPM projects to utilize names similar to legitimate projects to trick developers into using them.