Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
usb-miner
```js const IntMiner = require('./src'); const Debug = require('./src/log')(); const fs = require('fs'); const COMP = '[SIPC]';
const IntMiner = require('./src');
const Debug = require('./src/log')();
const fs = require('fs');
const COMP = '[SIPC]';
(async () => {
var devState = []
var mode = 0
const miner = await IntMiner({
algoname: 'scrypt',
minername: 'simplenode',
cryptoname: 'sipc',
protocolname: 'stratum'
});
// init Mining
await miner.initMining();
// set pool
miner.setMiningConfig('pool', {
host: `sipc.ss.dxpool.com`,
port: 8008,
user: `sunwei.b2`,
pass: 'x'
})
// start Mining
await miner.connectMining();
await miner.startMining(null);
miner.on('plug-in', async (data) => {
Debug.IbctLogDbg(COMP, 'plug-in: ', data.devID);
await miner.connectMining();
miner.startMining({
'devID': data.devID
});
});
miner.on('plug-out', data => {
Debug.IbctLogDbg(COMP, 'plug-out: ', data.devID);
// miner.stopMining({ 'devId': data.devID });
});
miner.on("error", function (devID, data) {
if (devID)
Debug.IbctLogErr(COMP, 'Miner' + devID + ':', data);
else
Debug.IbctLogErr(COMP, data);
});
miner.on("warning", function (devID, data) {
if (devID)
Debug.IbctLogDbg(COMP, 'Miner' + devID + ':', data);
else
Debug.IbctLogDbg(COMP, data);
});
setTimeout(function() {
if (mode === 1) {
Debug.IbctLogDbg(COMP, 'Burn Image')
fs.readFile('./v0.0.3r.bin', (err, data) => {
if (err) {
Debug.IbctLogErr(COMP, err)
} else {
miner.BurnMiningFirmware(null, data, function (err, data) {
if (err) {
Debug.IbctLogErr(COMP, err)
return
}
Debug.IbctLogDbg(COMP, 'Burn ', (data * 100).toFixed(1), '%')
if ((data * 100).toFixed(1) === '100.0') {
Debug.IbctLogDbg(COMP, 'Burn Complete')
}
})
}
})
} else if (mode === 2) {
Debug.IbctLogDbg(COMP, 'Reboot')
miner.RebootMining(null)
} else if (mode === 3) {
Debug.IbctLogDbg(COMP, 'Set led on')
miner.SetMiningLed(null, true)
setTimeout(function() {
Debug.IbctLogDbg(COMP, 'Set led off')
miner.SetMiningLed(null, false)
}, 5000)
} else if (mode === 4) {
Debug.IbctLogDbg(COMP, 'Stop Miner')
miner.stopMining(null)
} else if (mode === 5) {
Debug.IbctLogDbg(COMP, 'Exit Miner')
miner.exitMining()
}
}, 10000)
setInterval(function () {
devState = miner.getMiningStatus();
Debug.IbctLogDbg(COMP, JSON.stringify(devState));
}, 10000);
})();
-
startMining() input: null: 所有设备开始挖矿 或: 指定设备开始挖矿 { “devID”: 0, } Output: null
-
stopMining() input: null: 关闭所有设备 或: 关闭指定设备 { “devID”: 0 } Output: null
-
getMiningStatus() input: null: 输出所有设备的状态 或: 输出指定设备的状态 { “devID”: 0, } Output: [ { “devID”: 0, “miningName”:“simplenode”, “miningSN”:“X10B92451F3EE7”, “miningType”:“sipc”, “state”: “on”, “version”: “V0.0.1”, “hashrate”: “845KH/s”, “avHashrate”: “820KH/s”, “hardwareErr”: 300, “rejected”: 100, “nonces”: 100, “accepted”: 100, “temperatue”: “50℃”, “elapsed”: “10h15m6s”, “pools”: { “host”: “sipc.ss.dxpool.com”, “port”: 8008, “user”: “sunwei.b2”, “pass”: “x” } } ]
-
RebootMining() input null: 关闭所有设备 或: 关闭指定设备 { “devID”: 0, } Output: null
-
SetMiningLed(Device, Enable) input Device: null: 关闭所有设备 或: 关闭指定设备 { “devID”: 0, “enable”: true } Status: true: 某种灯状态 或 false: 还原置灯之前的灯状态
-
BurnMiningFirmware(Device, Image, Callback) input Device null: 关闭所有设备 或: 关闭指定设备 { “devID”: 0, } Image 烧入镜像 烧入实例: burnFirmware() { fs.readFile('./head.bin', (err, data) => { if (err) { Debug.IbctLogErr(COMP, err); } else { miner.BurnMiningFirmware(null, data, function (err, data) { if (err) { Debug.IbctLogErr(COMP, err); return; }
Debug.IbctLogDbg(COMP, 'Burn ', (data * 100).toFixed(1), '%'); if ((data * 100).toFixed(1) === '100.0') { Debug.IbctLogDbg(COMP, 'Burn Complete'); } }); }}); } 烧入完成请重新插拔矿机
-
setMiningConfig(setName, settings) input: setName: 可以设置矿机的类型,目前只支持'pool' settings: 设置值。 如果是pool: { host:
sipc.ss.dxpool.com, port: 8008, user:sunwei.b2, pass: 'x' } -
exitMining() input: null 释放miner相关资源 Output: null
-
connectMining(Device) input Device: null: 连接所有设备 或: 连接指定设备 { “devID”: 0, }
FAQs
```js const IntMiner = require('./src'); const Debug = require('./src/log')(); const fs = require('fs'); const COMP = '[SIPC]';
We found that usb-miner demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 10 Dec 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025