GMS-2020-14: Malicious Package

September 4, 2020 (updated October 4, 2021)

All versions of 1337qq-js contain malicious code. The package exfiltrates sensitive information through install scripts. It targets UNIX systems. The information exfiltrated includes:

Environment variables
Running processes
/etc/hosts
uname -a
npmrc file Remove the package from your system and rotate any compromised credentials.

References

github.com/advisories/GHSA-7wgh-5q4q-6wx5
www.npmjs.com/advisories/1455

Code Behaviors & Features

Detect and mitigate GMS-2020-14 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →