Hi Fabio,
Thanks for the report! I can confirm that the NPM package delivered by the install script contains malware in its preinstall binary. [1]pkgbuild plex-media-player have been updated to include: […] Duplicates uploaded today always by new suspicious accounts are: plex-media-player-v2 plex-media-player-mod plex-media-player-custom also have 'npm install crypto-javascript' in .install file
I have deleted the three new packages and cleaned up the malicious commit on plex-media-player via force push.
The accounts responsible for the malicious commits have been suspended. I have also reported the infected package on NPM. Thanks again for your help. Much appreciated! [1]: https://socket.dev/npm/package/crypto-javascript/overview/4.3.6 Regards Claudia
OpenPGP_0xD11E9FC4F7C9DA3C.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
