Severity: low

Silently Runs Cryptocoin Miner



Affected versions of hooka-tools were compromised and modified to silently run a cryptocoin miner in the background.

All affected versions have been unpublished from the npm registry.


While this module has been unpublished, some versions may exist in mirrors or caches. Do not install this module, and remove it if found.

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. published

    Advisory published
    Oct 25th, 2017
  2. reported

    Initial report by Anonymous
    Oct 24th, 2017