Spectra Assure
Community
Docs

0g-storage-contractsv2.0.0

malicious
License: Permissive (ISC)
npm
Published: about 2 months ago
Internal package
Fail
Incident: Malware
4 supply chain attack artifacts
Incidents
Type: malwareReported By: ReversingLabs (Researcher) Reported: about 2 months ago
Learn more about malware detection
Type: malwareReported By: Community (Snyk)Reported: about 1 month ago
Type: malwareReported By: Community (GitHub Advisory)Reported: about 1 month ago
Type: malwareReported By: Community (NPM)Reported: about 1 month ago
Type: malwareReported By: Community (OpenSSF)Reported: about 2 months ago

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
No known vulnerabilities detected
Hardening
No application hardening issues

Threats

Tampering
1 suspicious application behaviors
Malware
4 supply chain attack artifacts

Issues

See all issues
high
Detected presence of files containing domains used for intercepting and inspecting HTTP requests.
hunting
high
Detected presence of files with behaviors similar to malicious packages published on NPM.
hunting
high
Detected presence of malicious files through analyst-vetted file reputation.
threats
high
Detected presence of known software supply chain attack artifacts.
threats
medium
Detected presence of files containing domains related to out-of-band application security testing tools.
hunting

Behaviors

See all behaviors
Enumerates current user's home directory.
search
Contains domains related to OAST (out-of-band application security testing) tools.
network
Connects through HTTP.
network
Contains domains used for intercepting and inspecting HTTP requests.
network
Enumerates user information.
search

Vulnerabilities

critical0
high0
medium0
low0

Downloads

N/A
Recorded Downloads Since 2021

Maintenance

0
Maintainers

Dependencies

0
Declared Dependencies

Dependents

0
Dependents

Issues per Version Graph

Scanned 10 days ago