
Plot to steal cryptocurrency foiled by the NPM security team - evilpacket
https://blog.npmjs.org/post/185397814280/plot-to-steal-cryptocurrency-foiled-by-the-npm
======
ievans
It's been taken down, but here's what the malicious payload inside electron-
native-notify looked like:
[https://gist.github.com/ievans/7e10101cadb823583f77a5d40c64e...](https://gist.github.com/ievans/7e10101cadb823583f77a5d40c64ec5b#file-
index-js-L11)

