Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
heart-attack
Advanced tools
node.js
virus example. It will :
title
tags in any HTML pages discovered in the systempackage.json
to spread more rapidlyNow that you know you should never use this on any machine that could push public code, or be exposed to the internet, and that you should only use this on isolated, sandboxed and secure VMs, continue to read below at your own risk. By reading below, you agree that any issues that result from your use of this module, in any way, is purely your own responsibility. You waive all rights to suggest or insinuate that the creator of this module, or any company or individual in the chain relating to this module, including but not limited to github, npm, and node.js etc. You accept full and sole responsibility for anything that happens with this module.
Clone this repo and then run npm start
in the terminal. Your VM will be full of hidden ❤️s. This whyris will also inject itself into any other npm packages on the VM so that they can help spread the love of ❤️s.
FAQs
heart-attack self replicating virus node-js
The npm package heart-attack receives a total of 3 weekly downloads. As such, heart-attack popularity was classified as not popular.
We found that heart-attack demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.