Press Release
A well-known npm package deleted files to oppose the situation in Ukraine.
In opposition to the continuing Russo-Ukrainian War, the creator of the well-known npm package “node-ipc” released corrupted versions of the library this month.
On developers’ computers, newer versions of the “node-ipc” programme started overwriting all files, erasing all data, and creating new text files containing “peace” messages.
Node-ipc is a well-known package used by important libraries like Vue.js CLI, with over a million downloads each week.
Protestware: Open source is affected by the continuing conflict in Ukraine
For users based in Russia and Belarus, specific versions (10.1.1 and 10.1.2) of the enormously popular “node-ipc” package were discovered to include malicious code that would overwrite or destroy arbitrary files on a system. These variations are monitored by CVE-2022-23812.
On March 8th, software engineer Brandon Nozaki Miller, alias RIAEvangelist, published two open source software packages on npm and GitHub called peacenotwar and oneday-test.
The fact that the packages primarily send a “message of peace” on the Desktop of any user who instals them suggests that the creator originally developed them as a way of peaceful protest.
According to RIAEvangelist, “This code serves as a non-destructive illustration of why controlling your node modules is vital.”
It also acts as a peaceful protest against Russia’s aggression, which currently threatens the entire world.
Although also maintained by RIAEvangelist, some npm versions of the well-known “node-ipc” library were seen unleashing a harmful payload to erase all data by overwriting files of users installing the package. This caused havoc.
It’s interesting to note that the malicious code, which was launched by the developer as early as March 7th, would read the system’s external IP address and would only overwrite files to remove data for users residing in Russia and Belarus.
To hide its true intent, the code in “node-ipc,” more notably in file “ssl-geospec.js,” uses base64-encoded strings and obfuscation techniques:
According to a condensed version of the code released by the researchers, the code will effectively delete all data on a machine for users located in Russia or Belarus by replacing all file contents with a heart emoji.
Additionally, because the peacenotwar module is included in “node-ipc” versions 9.2.2, 11.0.0, and those higher than 11.0.0, impacted users noticed “WITH-LOVE-FROM-AMERICA.txt” files appearing on their Desktop with “peace” messages:
Snyk, an open source security company, researchers also observed and investigated the malicious activity:
According to Liran Tal, Director of Developer Advocacy at Snyk, “at this point, a very clear abuse and a catastrophic supply chain security incident will occur for any system on which this npm package will be run, if that matches a geo-location of either Russia or Belarus.”
Users of Vue.js are alarmed by a supply chain attack.
The well-known JavaScript front-end framework “Vue.js” also depends on “node-ipc.” However, prior to this incident, “Vue.js” was configured to collect the most recent minor and patch versions rather than pinning the versions of “node-ipc” dependent to a safe version, as is clear from the caret () symbol: As a result, when several users were surprised, they urgently pleaded with the project’s maintainers to pin the “node-ipc” dependent to a safe version.
In addition, not only Vue.js but other open source projects have been harmed by this sabotage, as noted by BleepingComputer.
Other project maintainers are being cautioned by developers Lukas Mertens and Fedor to make sure they are not using a malicious version of “node-ipc”:
Researchers at Snyk believe that ‘node-ipc’ versions 10.1.1 and 10.1.2, which blatantly harm the system, were removed by npm within 24 hours of being published.
But take note that “node-ipc” versions 11.0.0 and higher are still accessible on npm. Additionally, the peacenotwar module that generates the aforementioned “WITH-LOVE-FROM-AMERICA.txt” files on the desktop is still present in these versions.
As a result, if you used the “node-ipc” library to build your application, be sure to pin the dependency to a secure version, like 9.2.1 (it turns out that 9.2.2 isn’t completely safe either).
Community outraged by incident in open source
This is the second significant act of self-sabotage by an open source developer this year, following the BleepingComputer-first reported “colours” and “fakers” episode from January.
The creator of “colours,” Marak Squires, received conflicting responses from the open source community because of his method of protest, which involved damaging countless apps by inserting infinite loops inside of them.
But the action of RIAEvangelist, who manages over 40 packages on npm, has come under fire for going beyond “peaceful protest” and aggressively placing damaging payloads in a well-known library without informing honest users.
A GitHub user described it as “a massive blow” to the open source community’s collective confidence.
“This behaviour is just unacceptable. War is undoubtedly a dreadful thing, but that doesn’t justify certain actions, such as placing weird files in desktop folders and erasing all files for Russia/Belarus users. You’re a f***, go to hell. You just managed to destroy the open-source community. You feeling better, @RIAEvangelist?” another enquired.
Some criticised the “node-ipc” developer for repeatedly altering and removing earlier comments on the forum in an effort to “clean up” his tracks [1, 2, 3].
“Even while some people may view maintainer RIAEvangelist’s purposeful and risky action as a justified form of protest. How does that affect the maintainer’s standing and involvement in the developer community in the future? “Snyk’s Tal queries.
Before including “node-ipc” in their applications, developers should use caution because there is no guarantee that future versions of this library or any other library made available by RIAEvangelist will be secure.
One method of defending your applications against such supply chain attacks is to pin your dependencies to a trustworthy version.
If you are searching to find Play Rajshree Video Game Outcome? After that, you can find several sites here that provide in-depth information.
Results Chart for the Playrajshree Lottery game online
RAJSHREE-J. 09:00 AM: 9033: 9123: 9272: 9389: 9452: 9503: 9671: 9722: 9827: 9948: It is completely forbidden to buy lottery tickets using this website in jurisdictions where lotteries are outlawed. To play the online lottery, you must be at least 18 years old.
http://www.playrajshree.com/QuickLink/ResultChart.aspx
DSDIR, Rajshri Play Game Result
Rajshree Lottery is a fun online game where you can view the results every 15 and 20 minutes as of Mar. 13, 2022. The age requirement to play this game is 18. Good luck today. Any adult can play the online game Rajshree Lottery.
Game Rajashri to play
Welcome to play the Rajashri Lottery at Draw Time: 10:00 AM on Draw Date: 10-03-2022: Golden (GA 60-69) ShubhLaxmi (SA 20-29). The current time is: 07:06:34 PM on 10-03-2022.
https://playrajashrilott.com/
Rajshree Result – DSDIR to play
Results Chart – PLAY ONLINE PLAYRAJSHREE LOTTERY GAME. RAJSHREE-J. Mar. 12, 2022. 09:00 AM: 9033: 9123: 9272: 9389: 9452: 9503: 9671: 9722: 9827: 9948: It is completely forbidden to buy lottery tickets using this website in jurisdictions where lotteries are outlawed.
Goa Lottery Rajshree Results – Lottery Results
Mar. 11, 2022 The Rajshree Lottery is held daily in Goa, and the results are reported below in the table. The top prize-winning ticket and the sum earned are displayed. You can check your tickets here to see if you won the top prize in the Rajshree lottery or any of the other levels. You can also check the top reward for previous drawings.
https://www.lotto.in/goa/rajshree-results
Findings – GOA Star
Summary of the results: Golden A Game, Subhlaxmi A Game, and Rajshree A Game.
https://playrajshreegoa.com/
Results Sheet for Rajshri’s Victory
In the states where lotteries are illegal, buying lottery tickets through our website is strictly forbidden. To play the online lottery, you must be at least 18 years old.
http://playrajshriwin.com/result.php
Results from the Rajshree Lottery
Rajshree Lottery is an online game that you can play for entertainment purposes; the results are updated every 15 and 20 minutes. The age requirement to play this game is 18. Good luck today. Rajshree Lottery is an internet game that any adult can play for free. No upfront payment is necessary.
https://www.rajshreelottery.co.in/
Application Rajshree Lottery Results – Google Play
This Rajshree Lottery Sambad is unofficial and has no affiliation with any State Lottery Result Board as of October 29, 2021. We simply gathered these findings from open-source third-party websites, and we urge you to double-check them against officially released data.
https://play.google.com/store/apps/details?
id=loteryresulraj
Rajshree Outcome
Play the Rajshree lottery, Rajshree lottery, best lottery, lottery, play the Rajshree lottery result, and Rajshree lottery result. Draw time for the Rajshree Sikkim Lottery is today at 3:00 AM.
https://www.rajshree10.com/current-draw.php
The sources mentioned above should be able to provide you with information on the Play Rajshree Game Result. If not, you can contact me through the comments.
Over two million individuals have been duped into installing new Android malware, phishing, and adware apps that have penetrated the Google Play store.
The programmes, which appear to be helpful utilities and system optimizers but are actually the causes of performance glitches, advertisements, and a degraded user experience, were found by Dr. Web antivirus.
One Dr. Web-illustrated app that has one million downloads is TubeBox, which is still accessible on Google Play as of this writing.
When trying to redeem the collected prizes, TubeBox consistently presents problems, despite promising users money for watching movies and advertisements on the app.
Even customers who successfully complete the final withdrawal stage never actually receive the money, according to the researchers, as the whole thing is just a ploy to keep users on the app as long as possible so they may view adverts and bring in money for the makers.
The following adware applications also showed up on Google Play in October 2022 but were later taken down:
One million downloads of the Bluetooth device auto connect (bt autoconnect group)
USB, Wi-Fi, and Bluetooth drivers (simple things for everyone) Over 100,000 downloads
Bt Autoconnect Group’s Volume, Music Equalizer: 50,000 downloads
(Hippo VPN LLC) Fast Cleaner & Cooling Master – 500 downloads
The aforementioned apps take instructions from Firebase Cloud Messaging and load the websites listed in them, which results in the fraudulent display of advertisements on the affected devices.
The remote operators might also set up an infected device to function as a proxy server in the instance of Fast Cleaner & Cooling Master, which had a low download volume. The threat actors could route their own traffic through the infected device using this proxy server.
Last but not least, Dr. Web came across a number of loan scam apps with an average of 10,000 downloads on Google Play that claimed to have a direct connection to Russian banks and investment companies.
Through malicious advertising on other apps, these apps were marketed as offering assured investment returns. Actually, the apps direct users to phishing websites where their personal data is gathered.
You should always look for bad reviews, carefully read the privacy statement, and visit the developer’s website to verify the legitimacy of an app before downloading it from Google Play.
Generally speaking, try to limit the number of installed apps on your smartphone and occasionally check to make sure Google Play Protect is turned on.
Press Release
THE ANALYSIS RESULTS THAT THE OPENCV-BASED FACIAL RECOGNITION MODEL AS USED BY EXAM MONITORIO FAILS TO RECOGNIZE BLACK FACES MOST OF THE TIME (TODD FEATHERS/VICE).
Analysis finds that an OpenCV-based facial recognition model used by exam monitoring software Proctorio fails to recognize Black faces more than 50% of the time — A student researcher has reverse-engineered the controversial exam software—and discovered a tool infamous for failing to recognize non-white faces.
-
Social Media7 months agoWho is Rouba Saadeh?
-
Social Media7 months agoMati Marroni Instagram Wiki (Model’s Age, Net Worth, Body Measurements, Marriage)
-
Entertainment7 months ago12 Online Streaming Sites that Serve as Best Alternatives to CouchTuner
-
Entertainment7 months agoMovierulz Website: Movierulzz 2021 Latest Movies on Movierulz.com
-
Social Media7 months agoBrooke Daniells: Everything About Catherine Bell’s Partner
-
Entertainment7 months ago4MovieRulz Download Telegu Movies | 3MovieRulz | Movierulz.com
-
Guides7 months agoHow to make selfies with Dorian Rossini
-
Entertainment7 months agoMangastream is Not Functional – How About Taking Alternative Online Movie Sites in 2021