Malicious Package Affecting hooka-tools package, versions *
Threat Intelligence
Exploit Maturity
Mature
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID npm:hooka-tools:20171025
- published 25 Oct 2017
- disclosed 25 Oct 2017
- credit Aurélio A. Heckert
How to fix?
Avoid usage of this package altogether.
Overview
hooka-tools
is a malicious package that runs a cryptocoin miner in the background.
CVSS Scores
version 3.1