A Chillingly Simple Story of Modern Devastation

As intelligent as humans are known to be, we do have our fair share of cognitive limitations. For instance, every once in a while, we encounter a situation where we fail to see the entire picture. This results in a human approach that barely fulfils all the obligations in play. Now, like you would expect, such a dynamic almost always leaves a negative impact on us. Hence, in a bid to nullify its powers, we have developed various methodologies, each one designed to work in a unique manner. In hindsight, if we take a moment to assess how these methodologies have fared, we’ll see that even though their granular effect is too dissimilar for conducting any viable comparison, there is a particular one which went above and beyond to race ahead of the rest. The said method talks to a concept called technology. Technology’s success story is often mistakenly considered as some really obscure compilation of gazillion advancements, but in reality, it’s a story constructed around basic elements like efficiency and convenience. However, the simplified foundations couldn’t save us from having to pay a significant price, and we did so through the sacrifice of our security. Ever since technology has arrived on the scene, alongside the benefits, we also had to deal with some major security issues. The iterations of this threat are way too many to count, and yet we have one more joining the pack.

According to a report from Bleeping Computer, an open-source developer named Marak Squires deliberately corrupted a pair of widely-used libraries on GitHub and software registry npm, faker.js and colors.js. The integration of certain malicious components into these libraries means any project currently relying on them needs to start afresh. To get a gist regarding how far the ripple effects might reach, we can look at the reported figures for weekly downloads, which are 22.4 million in colors.js’ case, and 2.5 million for faker.js. The sabotage made itself apparent once several users started complaining that their applications were producing strange letters and symbols, always beginning with the text “LIBERTY LIBERTY LIBERTY”

At present, the motive behind the move is unclear; however, there are some readymade leads available. One lead goes through the renaming of faker.js Readme file that was changed to “What really happened with Aaron Swartz?”, indicating links to a prominent developer, who was charged for stealing documents from the academic database JSTOR. Swartz allegedly wanted make them accessible without any costs, but two years after he was charged, the developer committed suicide.

In response to the attack, colors.js has been updated to a working version. On the other hand, though, faker.js remains affected.. Apart from that, GitHub also banned Squires from the platform.

 

Share

Related

Microsoft to alert enterprise security teams when nation-state attackers target their employees

Enterprise security software comes in many forms and flavors....

ICON Outlook Digital Transformation Award Winner

Olive is the ultimate solution for Enterprises looking to...

Voxel51 Raises $12.5 Million in Series A Financing; Plans to Scale Up Proprietary Platform and Expand Workforce

Human beings have proven themselves to be good at...

A Safer Take on Your Finances

It wouldn’t be too much of a stretch, if...

Building the EV Dream

While there are gazillion valuable elements in the human...

Cyber Security & Cloud Expo Europe: Agenda Delivers Beyond Expectations

Cyber Security & Cloud Expo is returning to Amsterdam...

Another Pursuit for Domination

One reason why technology feels like such a transformative...

Uncovering the Importance of Electronic Health Records

Electronic Health Records or EHRs are kept to help...

E-commerce: Transformation, Integration and future

In the contemporary landscape of business, electronic commerce, or...

Latest

No posts to display

No posts to display