| ▲ | rektomatic 6 hours ago | |||||||
I really want to know what would've happened with an npm install, I guess something boring like crypto mining or identity theft? | ||||||||
| ▲ | flexagoon 6 hours ago | parent | next [-] | |||||||
AFAIK most malware like this first sends the contents of your environment variables, ssh keys, passwords, etc. to the server, and then sets up a persistent process that executes arbitrary commands received from the attacker's server at any time, allowing them to run whatever else they want | ||||||||
| ▲ | imankulov 6 hours ago | parent | prev | next [-] | |||||||
You can actually test it yourself. The actual URL is in the post and the website is still up. | ||||||||
| ||||||||
| ▲ | phyzome an hour ago | parent | prev | next [-] | |||||||
Compromise of developer's access, API keys, etc. in order to create a supply chain attack. | ||||||||
| ▲ | gman2093 6 hours ago | parent | prev | next [-] | |||||||
Arbitrary remote code execution, maybe sold to the highest bidder like some shady cloud provider? | ||||||||
| ▲ | TurdF3rguson 2 hours ago | parent | prev [-] | |||||||
This has happened to me, it was an attack that was trying to get crypto private keys (ethereum) | ||||||||