Malware Report
Title
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
Report Author
Jan 23, 2024Newsroom
Updated At
1705989600000
Description
Did you download Warbeast2000 or Kodiak2k from npm? If so, your SSH keys might be compromised! These packages steal keys & upload them to GitHub.
Malware Packages (2)
The following malware packages were identified in this report.
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |
|---|---|---|---|---|---|
| NPM Module | kodiak2k | Did you download Warbeast2000 or Kodiak2k from npm? If so, your SSH keys might be compromised! These packages steal keys & upload them to GitHub. | |||
| NPM Module | warbeast2000 | Did you download Warbeast2000 or Kodiak2k from npm? If so, your SSH keys might be compromised! These packages steal keys & upload them to GitHub. | |||
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |