Contagious Interview Campaign Escalates with 67 Malicious NPM Packages and New

10 feross 2 7/14/2025, 11:02:52 PM socket.dev

Comments (2)

cyanydeez · 2h ago
I know Socket's probably aware of this, but the root scam seems to start with forks of existing libraries.

NPM should be doing some fingerprinting of new projects and flag any that don't meet a reasonable threshold. Obviously obfuscation will occur, which could become its own subsequent flag.

Anyway, keep up the good work feross.

cranberryturkey · 3h ago
There's a ton of crypto-related scams where they want you to run their repo locally and it steals any wallets you have or browser sessions.