I've been seeing a lot of posts from folks who found malicious code in repositories linked to take-home assignments from scammers pretending to be HR managers or employers. A couple of months ago, I ran some of that code without using a virtual machine, which I realize was a bad idea. Now, three months later, I haven't noticed anything out of the ordinary, but it makes me wonder just how powerful malicious JavaScript could be. Can it wait for a trigger in my system, or something? How can I check for any lingering issues?
1 Answer
Running `npm install` can execute any install script it includes, giving malicious code the chance to steal your passwords and cookies without you realizing. It's way more dangerous than just running code in a browser because it has full access to everything your user account does. You definitely want to be careful!
Should I be concerned three months later if everything seems normal? I get that I should be cautious, but how likely is it that the code just waits for something to happen to trigger it?