Malware Report
Title
Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
Report Author
Ravie Lakshmanan
Description
Two npm packages, nodejs-encrypt-agent and nodejs-cookie-proxy-agent, were found to harbor the TurkoRat malware.
Malware Packages (4)
The following malware packages were identified in this report.
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |
|---|---|---|---|---|---|
| NPM Module | axios-proxy | 1.7.3, 1.7.4, 1.7.7, 1.7.9, 1.8.9, 1.9.9 | Two npm packages, nodejs-encrypt-agent and nodejs-cookie-proxy-agent, were found to harbor the TurkoRat malware. | ||
| Pypi Package | chatgpt-api | Patrick Pogoda | Two npm packages, nodejs-encrypt-agent and nodejs-cookie-proxy-agent, were found to harbor the TurkoRat malware. | ||
| NPM Module | nodejs-cookie-proxy-agent | 1.1.0, 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4 | Two npm packages, nodejs-encrypt-agent and nodejs-cookie-proxy-agent, were found to harbor the TurkoRat malware. | ||
| NPM Module | nodejs-encrypt-agent | 6.0.2, 6.0.3, 6.0.4, 6.0.5 | Two npm packages, nodejs-encrypt-agent and nodejs-cookie-proxy-agent, were found to harbor the TurkoRat malware. | ||
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |