Malicious Package Affecting ethers-test package, versions *
Threat Intelligence
Exploit Maturity
Mature
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-JS-ETHERSTEST-8235198
- published 20 Oct 2024
- disclosed 19 Oct 2024
- credit Phylum Research Team
How to fix?
Avoid using all malicious instances of the ethers-test
package.
Overview
ethers-test is a malicious package. This package contains malicious code attempting to steal sensitive data from the victim such as Etherum private keys and gain SSH access to the victim's machine.