New Protestware Found Lurking in Highly Popular NPM Package

Two packages: styled-components and es5-ext. Both print out console messages on .ru systems, neither one messes with the system’s files.

Just found about it while releasing a package to VS Code marketplace - It appears we can't use the last versions of this package (es5-ext) anymore due to anti viruses marking it as a Hoax malware. I wonder what's people take here - should VirusTotal and anti viruses detect it as malware?

Let’s call it what it is - malware

Is this behavior listed as a feature of the package? If not, it’s malware.