Beware: Sneaky NPM Packages Wreak Havoc on WhatsApp Devs with Data-Wiping Trickery!

Beware the WhatsApp wipers! Two NPM packages, naya-flore and nvlore-hsc, pose as helpful tools but pack a punch with data-wiping code. Developers, don’t let your code go on a permanent vacation—check your downloads before it’s too late!

3P
Published: August 7, 2025 9:47 pmAdded: August 7, 2025 at 3:21 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like some nefarious folks are really trying to crash the WhatsApp developer party, bringing data-wiping and chaos as their plus-ones! Who knew code could be such a party pooper?

Key Points:

  • Two malicious NPM packages, naya-flore and nvlore-hsc, masquerade as WhatsApp development tools but are actually data-wipers.
  • The packages have been downloaded over 1,100 times and contain a kill switch that spares certain Indonesian phone numbers.
  • Despite takedown requests, the packages are still available on NPM at the time of writing.
  • A dormant data exfiltration function, though currently inactive, suggests potential for further malicious activity.
  • Similar threats exist in the Go ecosystem, with 11 packages using obfuscation to execute harmful payloads.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?