Recently identified npm packages called “node-request-ip“, “request-ip-check” and “request-ip-validator“ impersonate handy open source utilities relied upon by developers to retrieve an external IP address but instead target Windows, Linux and macOS users with malicious executables which are trojans and cryptocurrency stealers.

*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by Ax Sharma. Read the original post at: https://www.sonatype.com/blog/fake-ip-checker-utilities-on-npm-are-crypto-stealers