Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency

A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet.

The affected package is Event-Stream, built to simplify working with Node.js streaming modules and it is available through the repository.

Although the malicious code was discovered last week, researchers were able to determine its purpose recently, when they managed to decrypt and deobfuscate it.

They found that earlier versions of the library that are still in use include a new component, ‘flatmap-stream’ version 0.1.1, that contains dangerous code. It was introduced three months ago after Dominic Tarr, the original developer of Event-Stream, gave up the library and passed it to another developer, right9ctrl.

Read more…
Source: Bleeping Computer