Security News > 2021 > April > New Linux, macOS malware hidden in fake Browserify NPM package

New Linux, macOS malware hidden in fake Browserify NPM package
2021-04-13 18:17

A new malicious package has been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems.

The malicious package is called "Web-browserify," and imitates the popular Browserify npm component downloaded over 160 million times over its lifetime.

As of today, the ELF malware contained with the component has a zero detection rate by all leading antivirus engines.

One such component is the cross-platform "Sudo-prompt" module that is used by run to prompt the user for granting the malware root privileges on both macOS and Linux distributions.

Despite the malware engaging in outright nefarious activities by abusing legitimate open-source components, it has a perfect zero score on VirusTotal, at the time of our analysis.

The discovery of yet another npm malware comes after dependency confusion malware was seen targeting known tech companies.


News URL

https://www.bleepingcomputer.com/news/security/new-linux-macos-malware-hidden-in-fake-browserify-npm-package/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232