failIncident: Malware

Scanned:

node-dlls

latest

removed

malicious

Research

Advanced kernel package

License: Permissive (ISC)

Published:

See on npm

SAFE Assessment

Compliance

Licenses

No license compliance issues

Secrets

No sensitive information found

Security

Vulnerabilities

No known vulnerabilities detected

Hardening

No application hardening issues

Threats

Tampering

1 suspicious application behaviors

Malware

4 supply chain attack artifacts

IMPORTANT: All versions of this package have been malicious

Latest malware incident detected:

Version: 1.0.0

INCIDENTS:

removal

Reported By: Community

malware

Reported By: ReversingLabs (Researcher)

Learn more about malware detection

malware

Reported By: Community (OpenSSF)

More info

malware

Reported By: Community (Snyk)

More info

malware

Reported By: Community (Socket)

More info

malware

Reported By: Community (The Hacker News)

More info

List of software behaviors discovered with static code analysis.

Info

Count

Prevalence in npm community

Behavior commonly used by malicious software (Important)

Behavior uncommon for this community (Uncommon)

0 packages

found in

Top 100

0 packages

found in

Top 1k

3 packages

found in

Top 10k

7069 packages

in community

Executes files during installation or upon launch.1

execution

Prevalence in npm community

No behavior prevalence information at this time

Contains URLs with unusual hostname lengths.1

network

Prevalence in npm community

Behavior often found in this community (Common)

7 packages

found in

Top 100

52 packages

found in

Top 1k

886 packages

found in

Top 10k

616361 packages

in community

The software package does not declare any source code repository.1

anomaly

Prevalence in npm community

No behavior prevalence information at this time

Contains a reference to a common dynamic library or an executable file.1

execution

Prevalence in npm community

Behavior often found in this community (Common)

6 packages

found in

Top 100

12 packages

found in

Top 1k

308 packages

found in

Top 10k

43386 packages

in community

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.