Popular JavaScript Library Infected By Malicious Code To Steal Cryptocurrency


A malicious code has infected Event-stream JavaScript library with the intention of stealing cryptocurrency from digital wallets. The popular JavaScript library is created to ease working with Node.js streaming modules, and is available via npmjs.com repository.

The malicious code in the package caught the eye of researchers last week. Today, it has been revealed that the library was infected to steal cryptocurrency when researchers decrypted and deobfuscated the code.

Researchers found that a new component named ‘flatmap-stream’ version 0.1.1 has been infected by dangerous code. The component was added after the original developer Dominic Tarr passed on the rights of the library to another developer named right9ctrl.

According to the researchers investigating the code, targets are libraries linked to Copay Bitcoin wallet app that is available for mobile as well as desktop users.

The harmful code steals the coins in the Copay wallet and then tries to connect to copayapi.host with IP address located in Malaysia.

Malicious code in Javascript library
Bleeping Computer

On the positive side, the new developer posted an updated version of the library two months ago without the malicious code and, therefore, there is no risk involved in downloading the library via npm manager.

As per the users on GitHub, the developer who infected the library added the code in the major version of the library and not its updated version to hide the tracks.

Also Read: How to Disable Cortana In Windows 10? [Working In 2018-19]
Anmol Sachdeva

Anmol Sachdeva

Anmol is a tech journalist who handles reportage of cybersecurity and Apple and OnePlus devices at Fossbytes. He's an ambivert who is striving hard to appease existential crisis by eating, writing, and scrolling through memes.
More From Fossbytes

Latest On Fossbytes

Find your dream job