Security News > 2021 > April > New Linux, macOS malware hidden in fake Browserify NPM package
A new malicious package has been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems.
The malicious package is called "Web-browserify," and imitates the popular Browserify npm component downloaded over 160 million times over its lifetime.
As of today, the ELF malware contained with the component has a zero detection rate by all leading antivirus engines.
One such component is the cross-platform "Sudo-prompt" module that is used by run to prompt the user for granting the malware root privileges on both macOS and Linux distributions.
Despite the malware engaging in outright nefarious activities by abusing legitimate open-source components, it has a perfect zero score on VirusTotal, at the time of our analysis.
The discovery of yet another npm malware comes after dependency confusion malware was seen targeting known tech companies.
News URL
Related news
- New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking (source)
- Linux malware “perfctl” behind years-long cryptomining campaign (source)
- Linux systems targeted with stealthy “Perfctl” cryptomining malware (source)
- New FASTCash malware Linux variant helps steal money from ATMs (source)
- New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists (source)
- macOS HM Surf vuln might already be under exploit by major malware family (source)
- BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers (source)
- Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)