Emoji use suggests crypto-stealing NPM package was AI-made • The Register
An NPM package packed with cryptocurrency-stealing malware appears to have been largely AI-generated, as evidenced by its liberal use of emojis and other telltale signs.
Security shop Safety found the Kodane attack code in an npm module masquerading as “NPM Registry Cache Manager,” which claimed to offer “license validation and registry optimization” for Node.js apps. But when they dug into it, the source code made very clear what the actual purpose of the software was – in the markdown docs it calls itself Enhanced Stealth Wallet Drainer and, when activated, will empty any cryptocurrency wallet it can find in Windows, macOS, and Linux systems, and send the currency to an address on the Solana blockchain.
Judging from the transaction…
