Open-source Software Erase The Hard Drives Of Computers In Russia And Belarus

Share post:

A maintainer has been criticized for creating a poisonous open-source npm program that can erase the hard drives of computers located in Russia and Belarus.

The open-code npm source-code package called peacenotwar was written by Brandon Nozaki Miller, JavaScript’s package manager maintainer RIAEvangelist.

The package has a 9.8 severity rating. It is tracked as CVE-2022-23812. It contains malicious code that targets users with IP located in Russia or Belarus and overwrites their files with a heart emoji.

Miller initially wrote the code to protest Russia’s invasion of Ukraine. However, other capabilities were added and soon, the code started destroying computers’ file systems.

Liran Tal, the Snyk researcher who uncovered the problem explain that such action could result in the maintainer not being trusted again.

“Even if the deliberate and dangerous act of maintainer RIAEvangelist will be perceived by some as a legitimate act of protest, how does that reflect on the maintainer’s future reputation and stake in the developer community?” Tal said.

For more information, read the original story in ZDNet.

SUBSCRIBE NOW

Related articles

North Korean Hackers Trick Employees With New Social Engineering

North Korean Hackers Trick Employees With New Social Engineering, New Prompt Injection Attack Compromises Gemini's Long-Term Memorym Canada's...

Canada’s Tech Sector Faces Continuing Talent Crunch: Hashtag Trending

Report Says Canada's Tech Sector Faces Continuing Talent Crunch Amid Rapid AI Advancements, Study Reveals reCAPTCHA's Lousy At...

homson Reuters Wins Landmark AI Copyright Case: Hashtag Trending for Thursday, February 13, 2025

Thomson Reuters Wins Landmark AI Copyright Case, Tumblr joins the fediverse and converts to WordPress, The US and...

Scammers Exploit DeepSeek Hype: Cyber Security Today

Scammers Exploit DeepSeek Hype with Fake Websites and Crypto Schemes, A Researcher Jailbreaks OpenAI’s o3-mini Model, Bypassing Safety...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways