Crypto Chaos: Rspack’s npm Packages Infiltrated with Mining Malware!
Rspack’s npm packages were hijacked, delivering a crypto miner to unsuspecting users. The rogue versions collected sensitive info and targeted specific countries. Developers quickly unpublished the malicious versions. Socket advises stricter safeguards, but admits nothing’s bullet-proof—just like trying to keep a toddler away from a cookie jar!

Hot Take:
Looks like Rspack’s npm packages just got a side gig as crypto miners! Maybe they should get a raise—or at least some antivirus software. When software supply chain attacks start dressing up as Robin Hood, you know it’s time to lock the gates and maybe throw away the key. “You get a miner! You get a miner!” said no developer ever. Sorry, Oprah.
Key Points:
- Rspack’s npm packages @rspack/core and @rspack/cli were compromised, and the rogue builds carried cryptocurrency-mining malware.
- Version 1.1.7 of both packages was unpublished; 1.1.8 is the safe release.
- The malware checked where the host was located and only went after machines in specific countries, which points to a selective operator rather than an indiscriminate spray.
- The payload ran from an npm postinstall script and quietly started the XMRig miner (XMRig is mining software, not a coin) on Linux hosts.
- Rspack has taken measures to secure its packages, but the possibility of future attacks remains a concern.
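Since the whole attack hinged on a lifecycle script firing during `npm install`, here is the check a practitioner would actually run: a small Node script that walks a lockfile for the two versions named above and lists every package that declares an install-time hook. This is an added example, not code from Rspack or Socket; the known-bad versions come from the key points above, and the sample lockfile, manifests and the `node ./scripts/setup.js` command are constructed placeholders, not the real payload.

```javascript
// Added example (not Rspack's or Socket's code): audit an npm dependency tree
// for (a) the specific versions this post names as compromised and (b) any
// package that declares an install-time lifecycle script, the hook the rogue
// @rspack/* builds used. All sample data below is constructed.

// Known-bad versions taken from the post: 1.1.7 of both packages; 1.1.8 is clean.
const KNOWN_BAD = {
  '@rspack/core': new Set(['1.1.7']),
  '@rspack/cli': new Set(['1.1.7']),
};

// npm lifecycle hooks that run automatically during `npm install`.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Walk a lockfile v2/v3 "packages" map and report any dependency pinned to a
// known-bad version. Keys look like "node_modules/@rspack/core" and may be
// nested ("node_modules/a/node_modules/b"), so take the text after the last
// "node_modules/".
function findKnownBad(lock) {
  const hits = [];
  const marker = 'node_modules/';
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // root project entry, not a dependency
    const name = path.slice(path.lastIndexOf(marker) + marker.length);
    const bad = KNOWN_BAD[name];
    if (bad && bad.has(entry.version)) {
      hits.push({ name, version: entry.version, path });
    }
  }
  return hits;
}

// Given a map of package name -> package.json contents, list every package that
// would execute code at install time. Pure-JS libraries rarely need these hooks,
// so each hit deserves a look even when it is not (yet) on a known-bad list.
function findInstallScripts(manifests) {
  const hits = [];
  for (const [name, pkg] of Object.entries(manifests)) {
    const scripts = pkg.scripts || {};
    for (const hook of INSTALL_HOOKS) {
      if (typeof scripts[hook] === 'string') {
        hits.push({ name, version: pkg.version, hook, command: scripts[hook] });
      }
    }
  }
  return hits;
}

// Constructed sample lockfile (not a real project). One dependency still sits
// on the unpublished 1.1.7 build; the other already moved to 1.1.8.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '0.0.1' },
    'node_modules/@rspack/core': { version: '1.1.7' },
    'node_modules/@rspack/cli': { version: '1.1.8' },
    'node_modules/left-pad': { version: '1.3.0' },
  },
};

// Constructed sample manifests. The postinstall command is a placeholder
// standing in for "download and run a miner"; it is not the real payload.
const SAMPLE_MANIFESTS = {
  '@rspack/core': {
    version: '1.1.7',
    scripts: { postinstall: 'node ./scripts/setup.js' },
  },
  'left-pad': { version: '1.3.0', scripts: { test: 'node test.js' } },
};

// Render both findings as a short report string (also returned for callers).
function report(lock, manifests) {
  const lines = [];
  for (const h of findKnownBad(lock)) {
    lines.push(`KNOWN-BAD ${h.name}@${h.version} at ${h.path}`);
  }
  for (const h of findInstallScripts(manifests)) {
    lines.push(`INSTALL-HOOK ${h.name}@${h.version} ${h.hook}: ${h.command}`);
  }
  return lines.join('\n');
}

console.log(report(SAMPLE_LOCK, SAMPLE_MANIFESTS));
```

To run it against a real project, replace `SAMPLE_LOCK` with the parsed `package-lock.json` and build `SAMPLE_MANIFESTS` by reading each `node_modules/*/package.json`. Installing with `npm install --ignore-scripts` (or `npm config set ignore-scripts true`) would have stopped this particular postinstall payload from running at all; the trade-off is that packages with legitimate native build steps then need their scripts run deliberately.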