The existence of this malevolent code was
discovered last week, but it was only on Monday, November 26, when researchers were able to determine what the highly darkened malevolent code really did.
Dormant While not in Use
Node.js streaming data.
Right9ctrl earlier released Event-Stream 3.3.6 which had a new dependency on Flatmap-Stream library V0.1.1, the place where the malevolent code was stored.
Users on GitHub, Hacker News and Twitter, said that this malevolent code lays inactive until it’s applied inside the source code of the desktop & mobile wallet App
Copay which was developed by BitPay, a Bitcoin payments platform.
Once the malevolent code has been assembled and launched inside infected versions of the Copay wallet App, it will swindle clients’ wallet data, and then transfer it to copayapi.host URL with port 8080.
Experts believe that the hacker used this data to empty victims’ wallets. According to the
blog post, the team from Copay revealed that all versions ranging from 5.0.1 to 5.1.0 were regarded infected and advised clients to update to the latest versions such as 5.2.0 or later.
Not just Once
July, 2018, a hacker infected the ESLint library with malevolent code which was created to steal the NPM particulars of other developers.
May this year, a hacker attempted to conceal a backdoor in another famous NPM package called getcookies.