Hacker News new | ask | show | jobs
by thrdbndndn 1693 days ago
What exactly is the malicious code? I assume it's in `compile.js` and only can be found in published (now removed) npm package instead of source code repo?
1 comments
perihelions 1693 days ago
There's some details here:

https://www.bleepingcomputer.com/news/security/popular-coa-n...

>"Based on our analysis and information seen thus far, the malware is likely the Danabot password-stealing Trojan for Windows."

link