FlagThis

Multiple npm packages are posing as useful, open-source utilities to retrieve an external IP address, but are actually malicious executables targeting Windows, Linux, and macOS users. These trojans are designed to steal cryptocurrency from unsuspecting developers. The malicious packages have been identified as “node-request-ip,” “request-ip-validator,” and “node-request-ip-validator.” These packages lure developers with their simple purpose, making it easier for the malicious code to sneak in undetected. These packages are not genuine and should not be installed or used. Developers and users are advised to exercise caution and only install packages from trusted sources.