bookslkp.blogg.se

Restoretools pkg files
GitHub is aware of potential NPM security issues. How NPM is vulnerable to malware and what GitHub does about it

Security professionals always have a lot of work to do. You may even get the impression that the number of things that have to be done keeps growing with time. This is especially true now that solutions based on external, dynamically loaded dependencies, such as entire libraries or individual functions, have grown in popularity in recent years. The popularity of NPM packages is also of great importance here. Currently, when creating an IT system, we are rarely entirely its authors, so we do not always have 100% control. External scripts may quite easily execute any malware.

Malware is a fairly broad term referring to all programs that are harmful to our system or to ourselves, its users. The term covers all kinds of viruses, trojans, spyware, keyloggers, and many other harmful types of software. A particularly popular type is ransomware, which blocks access to our systems (often by encrypting data) and then demands a ransom to unblock access. I recommend reading the Ransomware attacks on GitHub, Bitbucket, and GitLab article to get a better insight into this topic.

In December 2020 new malicious packages were found in NPM. Seemingly, these were sensible tools to make a database out of JSON files. Everything was cleverly prepared, and the packages felt legitimate. Unfortunately, their installation downloaded and launched a Trojan called njRAT, which made it possible to execute remote commands. This tool allows keylogging, access to the camera, stealing passwords stored in browsers, manipulating files, etc. You can find njRAT on GitHub if someone is interested in it. The README file does, however, contain a warning:

So, if we want to include a given package in our project, for example, “lodash” (helps with arrays and numbers), we just install it with npm install. We can also add various dependencies to our project in the package.json file. These dependencies would be installed together with the project. This is both a blessing and a curse of such a solution. It is easy to imagine a situation in which our project has external libraries connected, and they suddenly stop working as we expect. These may be deliberate actions by their creators, although this is unlikely. Rather, the real threat is that these external dependencies would be compromised and the authors would lose control of them. As a result, our NPM module installation would download infected packages, and we can call that scenario an NPM malware vulnerability.
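One way to review what an install would actually pull in, given the risk described above that installing a dependency can fetch and run someone else's code. This is an added example, not code from the original article: the sample lockfile, the package names `json-db-helper` and `left-helper`, and the single-trusted-registry policy are constructed assumptions, and it relies on the `hasInstallScript`, `resolved` and `integrity` fields that npm writes to `package-lock.json`.

```javascript
// Constructed sample in package-lock.json (lockfileVersion 3) layout.
// Package names other than lodash, the URLs and the hashes are made up.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { lodash: "^4.17.21" } },
    "node_modules/lodash": {
      version: "4.17.21",
      resolved: "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
    },
    "node_modules/json-db-helper": { // hypothetical package
      version: "1.0.3",
      resolved: "https://registry.npmjs.org/json-db-helper/-/json-db-helper-1.0.3.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
      hasInstallScript: true, // recorded by npm when a package declares install-time scripts
    },
    "node_modules/left-helper": { // hypothetical package
      version: "0.2.0",
      resolved: "https://example.invalid/left-helper-0.2.0.tgz",
    },
  },
};

const TRUSTED_REGISTRY = "https://registry.npmjs.org/"; // assumption: the only allowed source

// Returns one finding per locked package that deserves review before install.
function auditLockfile(lock, registry = TRUSTED_REGISTRY) {
  const marker = "node_modules/";
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    const i = path.lastIndexOf(marker);
    // Skip the root project, local workspaces, symlinks and bundled copies.
    if (i < 0 || entry.link || entry.inBundle) continue;
    const name = path.slice(i + marker.length);
    const reasons = [];
    if (entry.hasInstallScript) reasons.push("runs install script");
    if (!entry.resolved || !entry.resolved.startsWith(registry)) reasons.push("not from trusted registry");
    if (!entry.integrity) reasons.push("no integrity hash");
    if (reasons.length) findings.push({ name, version: entry.version, reasons });
  }
  return findings;
}

for (const f of auditLockfile(sampleLock)) {
  console.log(`${f.name}@${f.version}: ${f.reasons.join(", ")}`);
}
```

Packages flagged for install scripts are the ones whose code runs during `npm install` itself; `npm install --ignore-scripts` skips those scripts while they are being reviewed.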







