So what makes this code so dangerous? When downloaded, they create a ‘shell’ on the user’s computer. This ‘shell’ allows bad actors to connect remotely to the user’s device. This means that the bad actors had complete access to the information stored on the computer. They could even download more malware to the device so that removing the package did not remove their access. For this reason, NPM stated that any computer with these packages installed should be considered ‘fully compromised’.
If you downloaded these packages on your devices, you are at risk. You should take some steps to secure your information:
- Think about wiping your computer.
- Rotate any sensitive information from a different computer.
- Remove the package from your computer.
Finally, this is a situation where you should consider seeking outside help. If you want to keep the compromised device, an outside IT firm is a great resource to make sure that your information is secure. Contact us here if you think that this may have affected your computer. You can also call us at (703) 790-0400.