Security News > 2021 > April > New Linux, macOS malware hidden in fake Browserify NPM package
A new malicious package has been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems.
The malicious package is called "Web-browserify," and imitates the popular Browserify npm component downloaded over 160 million times over its lifetime.
As of today, the ELF malware contained with the component has a zero detection rate by all leading antivirus engines.
One such component is the cross-platform "Sudo-prompt" module that is used by run to prompt the user for granting the malware root privileges on both macOS and Linux distributions.
Despite the malware engaging in outright nefarious activities by abusing legitimate open-source components, it has a perfect zero score on VirusTotal, at the time of our analysis.
The discovery of yet another npm malware comes after dependency confusion malware was seen targeting known tech companies.
News URL
Related news
- Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- XCSSET macOS malware returns with first new version since 2022 (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)
- The XCSSET info-stealing malware is back, targeting macOS users and devs (source)
- New FrigidStealer Malware Targets macOS Users via Fake Browser Updates (source)
- LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)