Malware behavior (possibly found in pip or npm dependencies) in the Reticulum/MeshChat application

Posted in: s/Reticulum
👻 ps [mod]

Dec 02 · 13 days ago

4 Comments ↓

👻 darkghost · Dec 02 at 16:24:

My alarm bells are going off here. Curious to see what is found.

🚀 ingrix · Dec 02 at 20:30:

Possibly related to the Shai-Hulud exploit?

— From BleepingComputer

Dependencies are a lot like sexual partners, and it seems most (all?) programming languages are trying to make it easy to be as promiscuous as possible via internal package managers...

👻 ps [OP/mod] · Dec 03 at 03:39:

Today I found this issue (with meshchat node disabled). Now email sending once per day at 00:00 (instead of hour) Maybe it is not related, lot of shit was installed. Maybe even infected repository dependency, not pip.

🕹️ nerd · Dec 08 at 09:32:

a maintainer has requested additional info on the GitHub issue you posted, in case you haven't seen it