VYPR

npm · Malicious package advisory

Malware

error-ex

GHSA-5g7q-qh7p-jjvm

Duplicate Advisory: Malware in error-ex

Details

**Severity:** Critical

**Affected versions:** `= 1.3.3`

### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-6jp5-hh4c-8c5h. This link is maintained to preserve external references.

### Original Description
Any computer that has this package installed or running should be considered affected by a browser-based interceptor that hijacks network traffic and application APIs. The interceptor injects itself into functions related to web traffic and cryptocurrency wallets. The interceptor replaces values such as wallet addresses in transaction payloads and modifies the UI to hide its activity.

**References:**
- https://github.com/github/advisory-database/issues/6099
- https://github.com/Qix-/node-error-ex/security/advisories/GHSA-6jp5-hh4c-8c5h
- https://github.com/advisories/GHSA-5g7q-qh7p-jjvm

Compromised versions (1)

  • = 1.3.3

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.