Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Threat detected: Coinminer.JS.MALb (flatmap-stream)

See original GitHub issue

Current behavior:

Unable to extract cypress because a dependency (flatmap-stream) is compromised.

Desired behavior:

To be able to extract cypress without errors from an AV software.

Steps to reproduce:

Pre-requisites: have an anti-virus software (TrendMicro in my case)

  1. Download the archive from the endpoint supplied below
  2. Extract the contents
  3. Extraction process is halted because a threat is detected.

Problematic file:

.\Cypress\resources\app\packages\server\node_modules\flatmap-stream\test\data.js

flatmap-stream has been removed from npm

Versions

Latest version, downloaded from https://cdn.cypress.io/desktop/3.1.2/win64/cypress.zip

Further information

Looking at the package-lock.json in .\Cypress\resources\app\packages\server\, it seems like flatmap-stream is being pulled, indirectly, by nodemon

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Reactions:1
  • Comments:9 (5 by maintainers)

github_iconTop GitHub Comments

1reaction
chrisbreidingcommented, Dec 4, 2018

Can’t promise a date, but if not today, then certainly sometime this week.

We’re still looking into why a dev dependency made it into the production binary, as that should not happen. Seems that it only happens with the windows binary ~and it’s only nodemon, no other dev dependencies.~ On second look, it appears to have all the dev dependencies, at least from packages/server.

1reaction
jpmnteirocommented, Dec 1, 2018

Interesting, nodemon is also a dev dependency on the server.

Why would the production package on the CDN contain the development dependencies?

Read more comments on GitHub >

github_iconTop Results From Across the Web

Trojan:JS/CoinMiner threat description - Microsoft
Understand how this virus or malware spreads and how its payloads affects your computer. Protect against this threat, identify symptoms, ...
Read more >
JavaScript Malware Scanning Detected BitCoin Mining on ...
The customer run a virus scanning using VirusTotal and found a Virus on flatmap-stream NodeJS module which is a dependent of nodemon@1.18.4 ...
Read more >
COINMINER.JS.MALXMR.AC - Threat Encyclopedia
Scan your computer with your Trend Micro product to delete files detected as COINMINER.JS.MALXMR.AC. If the detected files have already been ...
Read more >
TrendMicro sees vscode pio extension as threat - PlatformIO IDE
In the folder .vscode\extensions\platformio.platformio-ide-1.4.3\node_modules\flatmap-stream, the files index.min.js and data.js were ...
Read more >
JS/CoinMiner.DO!tr - Threat Encyclopedia | FortiGuard
Make sure that your FortiGate/FortiClient system is using the latest AV database. Quarantine/delete files that are detected and replace infected files with ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Improve how config changes are handled

Next page

Allow one to store location as alias and visit it later