simov/slugify

Trojan downloader???!!!!

Jukez17 opened this issue · 14 comments

I was updating my dependencies and such and started getting an error that the slugify module isn't found, and now I know why: it's because my firewall blocks and quarantines the module.

simov commented

You can download the package from NPM and inspect it if you want. I'd be curious to know what you will find.

@simov I am not able to because my firewall keeps removing it

simov commented

Does that show you a path to that file? It could be something else, called slugify.js. You can also check out the security report about it.

is the path to the file

simov commented

Well unfortunately I can't help you. Probably your machine got compromised or something like that. You can download the package as tarball from NPM and inspect it if you want.
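One way to start the tarball inspection suggested above, as an added example that is not part of the original thread or the slugify project: compare the downloaded tarball's hash with the `dist.integrity` string the registry publishes, which tells you whether the flagged bytes are the package as published or something altered locally. The function names and the sample bytes are constructed for illustration.

```javascript
const crypto = require("node:crypto");

// Strongest first; registry metadata normally carries sha512, older entries may have sha1 only.
const PREFERENCE = ["sha512", "sha384", "sha256", "sha1"];

// Parse an SRI string such as "sha512-<base64> sha1-<base64>" into { algo: [Buffer, ...] }.
function parseIntegrity(integrity) {
  const parsed = Object.create(null);
  for (const entry of integrity.trim().split(/\s+/)) {
    const m = /^([a-z0-9]+)-([A-Za-z0-9+/]+={0,2})(\?.*)?$/.exec(entry);
    if (!m) throw new Error(`malformed integrity entry: ${entry}`);
    (parsed[m[1]] = parsed[m[1]] || []).push(Buffer.from(m[2], "base64"));
  }
  return parsed;
}

// Hash the tarball with the strongest algorithm listed and compare in constant time.
// A weaker hash that matches is ignored when a stronger one is present and fails.
function verifyTarball(bytes, integrity) {
  const parsed = parseIntegrity(integrity);
  const algorithm = PREFERENCE.find((a) => parsed[a]);
  if (!algorithm) throw new Error("no supported hash algorithm in integrity string");
  const digest = crypto.createHash(algorithm).update(bytes).digest();
  const ok = parsed[algorithm].some(
    (want) => want.length === digest.length && crypto.timingSafeEqual(want, digest)
  );
  return { ok, algorithm, actual: `${algorithm}-${digest.toString("base64")}` };
}

// Constructed sample: stand-in bytes, not a real slugify release.
// Real inputs: `npm pack slugify` (the .tgz) and `npm view slugify dist.integrity`.
function demo() {
  const tarball = Buffer.from("constructed stand-in for a package tarball");
  const published =
    "sha512-" + crypto.createHash("sha512").update(tarball).digest("base64");
  const tampered = Buffer.concat([tarball, Buffer.from("\n// appended")]);
  return {
    clean: verifyTarball(tarball, published).ok,
    tampered: verifyTarball(tampered, published).ok,
  };
}

console.log(demo());
```

A match only shows the bytes are what the registry published; whether that content is benign still has to come from reading the unpacked files or from the anti-malware vendor's analysis.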

simov commented

Just linking this other ticket #133, not sure what happened in that case.

Trott commented

> Just linking this other ticket #133, not sure what happened in that case.

I wonder if this might be a genuine false positive in F-Secure or whatever. Like, whatever heuristic they're using is being triggered by RTL characters and whatnot in slugify.

I can't even create a new project now that this crashes the whole thing on Gatsby

Trott commented

> I can't even create a new project now that this crashes the whole thing on Gatsby

You probably need to take this up with your anti-malware vendor (F-Secure?), but one thing you can try is installing a different version of slugify. You can also try using slug. It is largely (although not entirely) the same API so it is often a drop-in replacement.

I think that slugify comes with some module; would installing a different slug module work? Even when I installed a basic boilerplate template, the same thing was happening.
@Trott

I have the same issue on a machine.

The problem is that some don't have access to antivirus settings (especially at work), so this kind of breaks any project relying on slugify.

Perhaps this should be uploaded as a false positive at F-Secure to make it stop thinking it's malware? The module author should try this and see what the F-Secure people say.

In the meantime this is clearly bothersome.

Trott commented

> The module author should try this and see what the F-Secure people say.

My opinion only, but I would think the customer who wants to use the software would do this rather than the module author who is a volunteer and is giving away the software and support time for it at no charge.

@AxelTerizaki @Trott I sent a sample to F-Secure and it was a false positive and they updated their database.

Thanks for the info. That means my F-Secure isn't using the latest update for some reason.