Security News > 2021 > April > New Linux, macOS malware hidden in fake Browserify NPM package
A new malicious package has been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems.
The malicious package is called "Web-browserify," and imitates the popular Browserify npm component downloaded over 160 million times over its lifetime.
As of today, the ELF malware contained with the component has a zero detection rate by all leading antivirus engines.
One such component is the cross-platform "Sudo-prompt" module that is used by run to prompt the user for granting the malware root privileges on both macOS and Linux distributions.
Despite the malware engaging in outright nefarious activities by abusing legitimate open-source components, it has a perfect zero score on VirusTotal, at the time of our analysis.
The discovery of yet another npm malware comes after dependency confusion malware was seen targeting known tech companies.
News URL
Related news
- BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers (source)
- Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)
- Malicious NPM Packages Target Roblox Users with Data-Stealing Malware (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- New RustyAttr Malware Targets macOS Through Extended Attribute Abuse (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Researchers discover first UEFI bootkit malware for Linux (source)