coffe-script is malware
High severity
GitHub Reviewed
Published
Aug 6, 2018
to the GitHub Advisory Database
•
Updated Sep 7, 2023
Description
Published to the GitHub Advisory Database
Aug 6, 2018
Reviewed
Jun 16, 2020
Last updated
Sep 7, 2023
The
coffe-script
package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations.All versions have been unpublished from the npm registry.
Recommendation
If you have found
coffe-script
installed in your environment, you should:Additionally, any service which may have been exposed via credentials in your bash history or accessible via your ssh keys, such as a database, should be reviewed for indicators of compromise as well.
References