A malicious code has infected Event-stream JavaScript library with the intention of stealing cryptocurrency from digital wallets. The popular JavaScript library is created to ease working with Node.js streaming modules, and is available via npmjs.com repository.
The malicious code in the package caught the eye of researchers last week. Today, it has been revealed that the library was infected to steal cryptocurrency when researchers decrypted and deobfuscated the code.
Researchers found that a new component named ‘flatmap-stream’ version 0.1.1 has been infected by dangerous code. The component was added after the original developer Dominic Tarr passed on the rights of the library to another developer named right9ctrl.
According to the researchers investigating the code, targets are libraries linked to Copay Bitcoin wallet app that is available for mobile as well as desktop users.
The harmful code steals the coins in the Copay wallet and then tries to connect to copayapi.host with 111.90.151.134 IP address located in Malaysia.
Source: https://fossbytes.com/javascript-library-infected-by-malicious-code-to-steal-cryptocurrency/
Submitted by: Arnfried Walbrecht
Comments are closed.