node-ipc
node-ipc is identified in the SafeDep analysis "Compromised node-ipc on npm: Credential Stealer via DNS Exfiltration". >-
discovered 2026-05-14
Threat types
credential_stealerdata_exfiltrationratpersistence
Malicious versions
- 9.1.6
- 9.2.3
- 12.0.1
Campaigns
Indicators
- ipv41.1.1.1communicates-with
- ipv48.8.8.8communicates-with
- sha256449e4265979b5fdb2d3446c021af437e815debd66de7da2fe54f1ad93cbcc75eindicates
- sha256c2f4dc64aec4631540a568e88932b61daebbfb7e8281b812fa01b7215f9be9eaindicates
- sha25678a82d93b4f580835f5823b85a3d9ee1f03a15ee6f0e01b4eac86252a7002981indicates
- sha2563427a90c8cb9af764445448648176e120ebc6af0a538158340cf6220de4d01b7indicates
- sha256fdba4191831a13debf9d8c0c940b0301c7b7f01d27f1b1c73ed3ceaa2db4103bindicates
- email[email protected]exfiltrates-to
Techniques
- ttpT1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
- ttpT1059.007 Command and Scripting Interpreter: JavaScriptuses
- ttpT1552.001 Unsecured Credentials: Credentials In Filesuses
- ttpT1041 Exfiltration Over C2 Channeluses
- ttpT1105 Ingress Tool Transferuses
- ttpT1071.001 Application Layer Protocol: Web Protocolsuses
- ttpT1071.004 Application Layer Protocol: DNSuses
- ttpT1546 Event Triggered Executionuses
