Common name | peacenotwar |
---|---|
Type | Malware |
Subtype | JavaScript Payload |
Author(s) | Brandon Nozaki Miller |
Written in | JavaScript |
peacenotwar is a piece of malware/Protestware
[1] created by
Brandon Nozaki Miller. In March 2022, it was added as a dependency in an update for
node-ipc
, a common
JavaScript dependency.
Between 7 March and 8 March 2022,
Brandon Nozaki Miller, the maintainer of the node-ipc
package on the
npm package registry, released two updates containing malicious code targeting systems in Russia and Belarus (
CVE-
2022-23812). This code recursively overwrites all files on the user's system drive with heart emojis.
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9] A week later, Miller added the peacenotwar module as a dependency to node-ipc
.
[10] The function of peacenotwar was to create a text file titled WITH-LOVE-FROM-AMERICA.txt
on the desktop of affected machines, containing a message in protest of the
Russo-Ukrainian War; it also imports a dependency on a package (npm colors package) that would result in a
Denial of Service (DoS) to any server using it.
[11]
[12]
Because node-ipc
was a common software dependency, it compromised several other projects which relied upon it.
[13]
Among the affected projects was
Vue.js, which required node-ipc
as a dependency but didn't specify a version. Some users of Vue.js were affected if the dependency was fetched from specific packages. Unity Hub 3.1 was also affected, but a patch was issued on the same day as the release.
[14]
[15]
Common name | peacenotwar |
---|---|
Type | Malware |
Subtype | JavaScript Payload |
Author(s) | Brandon Nozaki Miller |
Written in | JavaScript |
peacenotwar is a piece of malware/Protestware
[1] created by
Brandon Nozaki Miller. In March 2022, it was added as a dependency in an update for
node-ipc
, a common
JavaScript dependency.
Between 7 March and 8 March 2022,
Brandon Nozaki Miller, the maintainer of the node-ipc
package on the
npm package registry, released two updates containing malicious code targeting systems in Russia and Belarus (
CVE-
2022-23812). This code recursively overwrites all files on the user's system drive with heart emojis.
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9] A week later, Miller added the peacenotwar module as a dependency to node-ipc
.
[10] The function of peacenotwar was to create a text file titled WITH-LOVE-FROM-AMERICA.txt
on the desktop of affected machines, containing a message in protest of the
Russo-Ukrainian War; it also imports a dependency on a package (npm colors package) that would result in a
Denial of Service (DoS) to any server using it.
[11]
[12]
Because node-ipc
was a common software dependency, it compromised several other projects which relied upon it.
[13]
Among the affected projects was
Vue.js, which required node-ipc
as a dependency but didn't specify a version. Some users of Vue.js were affected if the dependency was fetched from specific packages. Unity Hub 3.1 was also affected, but a patch was issued on the same day as the release.
[14]
[15]