Silently Runs Cryptocoin Miner

Module: hooka-tools

Published: October 25th, 2017

Reported by:

CVE-NONE

CWE-506

Vulnerable: All
Patched: None

Overview

Affected versions of hooka-tools were compromised and modified to silently run a cryptocoin miner in the background.

All affected versions have been unpublished from the npm registry.

Remediation

While this module has been unpublished, some versions may exist in mirrors or caches. Do not install this module, and remove it if found.