Peacenotwar

Peacenotwar's theme is one that has captured the attention of individuals from various backgrounds and interests. For a long time, Peacenotwar has been the object of study, debate and reflection. Its relevance and significance have allowed it to become a meeting point for different perspectives and approaches. In this article, we will explore in depth and detail the many facets of Peacenotwar, with the intention of providing a comprehensive and enriching vision on this topic. Through rigorous analysis and presentation of substantial evidence, we seek to contribute to the understanding and appreciation of Peacenotwar.

peacenotwar
Common namepeacenotwar
TypeMalware
SubtypeJavaScript Payload
Author(s)Brandon Nozaki Miller
Written inJavaScript

peacenotwar is a piece of malware/Protestware created by Brandon Nozaki Miller. In March 2022, it was added as a dependency in an update for node-ipc, a common JavaScript dependency.

Background

Between 7 March and 8 March 2022, Brandon Nozaki Miller, the maintainer of the node-ipc package on the npm package registry, released two updates containing malicious code targeting systems in Russia and Belarus (CVE-2022-23812). This code recursively overwrites all files on the user's system drive with heart emojis. A week later, Miller added the peacenotwar module as a dependency to node-ipc. The function of peacenotwar was to create a text file titled WITH-LOVE-FROM-AMERICA.txt on the desktop of affected machines, containing a message in protest of the Russo-Ukrainian War; it also imports a dependency on a package (npm colors package) that would result in a Denial of Service (DoS) to any server using it.

Impact

Because node-ipc was a common software dependency, it compromised several other projects which relied upon it.

Among the affected projects was Vue.js, which required node-ipc as a dependency but didn't specify a version. Some users of Vue.js were affected if the dependency was fetched from specific packages. Unity Hub 3.1 was also affected, but a patch was issued on the same day as the release.

See also

References

  1. ^ "Open source 'protestware' harms Open Source - Voices of Open Source". 24 March 2022.
  2. ^ Dan Goodin (18 March 2022). "Sabotage: Code added to popular NPM package wiped files in Russia and Belarus". Ars Technica.
  3. ^ "Open Source Maintainer Sabotages Code to Wipe Russian, Belarusian Computers". Vice News. 18 March 2022. Retrieved 18 March 2022.
  4. ^ Lucian Constantin (19 March 2022). "Developer sabotages own npm module prompting open-source supply chain security questions". Computer Security Online. Retrieved 16 March 2024.
  5. ^ Adam Bannister (21 March 2022). "NPM maintainer targets Russian users with data-wiping 'protestware'". The Daily Swig: Cybersecurity News and Views. Retrieved 16 March 2024.
  6. ^ "Embedded Malicious Code in node-ipc". GitHub. Retrieved 16 March 2024.
  7. ^ "CVE-2022-23812 Detail". National Vulnerability Database. Retrieved 16 March 2024.
  8. ^ Ax Sharma (17 March 2022). "BIG sabotage: Famous npm package deletes files to protest Ukraine war". Bleeping Computer. Retrieved 16 March 2024.
  9. ^ "CVE-2022-23812". GitHub. Retrieved 16 March 2024.
  10. ^ Proven, Liam (18 March 2022). "JavaScript library updated to wipe files from Russian computers". The Register. Situation Publishing. Archived from the original on 18 March 2022. Retrieved 18 March 2022.
  11. ^ "Alert: Peacenotwar module sabotages NPM developers in the node-ipc package to protest the invasion of Ukraine | Snyk". 16 March 2022.
  12. ^ "Open source maintainer pulls the plug on NPM packages colors and faker, now what? | Snyk". 9 January 2022.
  13. ^ "Node-ipc-dependencies-list". GitHub. 19 March 2022.
  14. ^ "BIG sabotage: Famous npm package deletes files to protest Ukraine war". Bleeping Computer. Retrieved 17 March 2022.
  15. ^ Tal, Liran (16 March 2022). "Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine". Snyk.
Wikious
Boobota
Sagapedia