Security News > 2021 > April > New Linux, macOS malware hidden in fake Browserify NPM package
A new malicious package has been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems.
The malicious package is called "Web-browserify," and imitates the popular Browserify npm component downloaded over 160 million times over its lifetime.
As of today, the ELF malware contained with the component has a zero detection rate by all leading antivirus engines.
One such component is the cross-platform "Sudo-prompt" module that is used by run to prompt the user for granting the malware root privileges on both macOS and Linux distributions.
Despite the malware engaging in outright nefarious activities by abusing legitimate open-source components, it has a perfect zero score on VirusTotal, at the time of our analysis.
The discovery of yet another npm malware comes after dependency confusion malware was seen targeting known tech companies.
News URL
Related news
- Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware (source)
- DinodasRAT malware targets Linux servers in espionage campaign (source)
- Bogus npm Packages Used to Trick Software Developers into Installing Malware (source)
- Ebury botnet malware infected 400,000 Linux servers since 2009 (source)
- Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years (source)