npm package deletes files to protest Ukraine war

Idiot

Select versions (10.1.1 and 10.1.2) of the massively popular 'node-ipc' package were caught containing malicious code that would overwrite or delete arbitrary files on a system for users based in Russia and Belarus. These versions are tracked under CVE-2022-23812.

On March 8th, developer Brandon Nozaki Miller, aka RIAEvangelist, released open source software packages called peacenotwar and oneday-test on both npm and GitHub.

The packages appear to have been originally created by the developer as a means of peaceful protest, as they mainly add a "message of peace" on the Desktop of any user installing the packages.

"This code serves as a non-destructive example of why controlling your node modules is important," explains RIAEvangelist.

"It also serves as a non-violent protest against Russia's aggression that threatens the world right now."

But chaos unfolded when select npm versions of the famous 'node-ipc' library, also maintained by RIAEvangelist, were seen launching a destructive payload to destroy all data and overwrite all files of users installing the package.

Interestingly, the malicious code, committed as early as March 7th by the dev, would read the system's external IP address and only delete data by overwriting files for users based in Russia and Belarus.

https://snyk.io/blog/peacenotwar-malicious-npm-node-ipc-package-vulnerability/
https://www.bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/

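A lockfile check for the packages named in the post, as an added example that is not part of the original post or of any project mentioned in it. It takes an already parsed `package-lock.json`; the function names and the sample lockfile are constructed for illustration, and reporting every release of peacenotwar and oneday-test is an assumption of the example.

```javascript
// Packages named in the post. null means "any version"; reporting every
// peacenotwar / oneday-test release is this example's assumption.
const FLAGGED = {
  'node-ipc': ['10.1.1', '10.1.2'], // versions the post ties to CVE-2022-23812
  'peacenotwar': null,
  'oneday-test': null,
};

function isFlagged(name, version) {
  if (!Object.prototype.hasOwnProperty.call(FLAGGED, name)) return false;
  return FLAGGED[name] === null || FLAGGED[name].includes(version);
}

// Lockfile v2/v3: flat "packages" map keyed by install path.
function scanPackages(packages, hits) {
  for (const [path, meta] of Object.entries(packages)) {
    if (path === '') continue; // the root project itself
    const i = path.lastIndexOf('node_modules/');
    const name = meta.name || (i < 0 ? path : path.slice(i + 'node_modules/'.length));
    if (isFlagged(name, meta.version)) hits.push({ name, version: meta.version, path });
  }
}

// Lockfile v1: nested "dependencies" tree, walked recursively.
function scanDependencies(deps, trail, hits) {
  for (const [name, meta] of Object.entries(deps)) {
    const here = [...trail, name];
    if (isFlagged(name, meta.version)) hits.push({ name, version: meta.version, path: here.join(' > ') });
    if (meta.dependencies) scanDependencies(meta.dependencies, here, hits);
  }
}

// Prefers "packages" so v2 files, which carry both maps, are not double-counted.
function scanLockfile(lock) {
  const hits = [];
  if (lock.packages) scanPackages(lock.packages, hits);
  else if (lock.dependencies) scanDependencies(lock.dependencies, [], hits);
  return hits;
}

// Constructed sample lockfile; every entry and version number here is made up.
const sampleLock = { packages: {
  '': { name: 'demo-app', version: '1.0.0' },
  'node_modules/node-ipc': { version: '10.1.1' },
  'node_modules/peacenotwar': { version: '0.0.0' },
  'node_modules/build-tool/node_modules/node-ipc': { version: '0.0.1' },
} };
console.log(scanLockfile(sampleLock));
```
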
Comments (4)

Once again, on the value of in-house solutions and the risks of brought-in ones...


I completely fail to understand how people live in the JavaScript ecosystem - any woodpecker there really can destroy civilization


And there are woodpeckers galore, since JS is easy for a beginner. Essentially, that is why it started getting shoved everywhere: so that a monkey like me could program for everything. And most of the monkeys don't understand their own level.


That's probably why I'm still on C to this day.
