VDB
EN

MAL-2025-6214

Malicious code in ecinc-cloud-moaxmpp (npm)

상세

Package exhibits multiple malicious behaviors: Office doc access/encryption, DB interaction, local storage clearing, arbitrary code execution, /dev/shm ref. The code includes a native bridge that allows it to execute arbitrary SQL queries on a mobile device’s database when used within a specific mobile application context. The `ecmoaxmpp.umd.js` file revealed a highly suspicious pattern. The code includes a function that checks if `window.mappType` is not equal to `'web'`. When this condition is met, it proceeds to call `window.$wv.databaseHandle`, a function that acts as a bridge to a native mobile application. The methods invoked through this bridge include 'execute', 'rawQuery', 'rawInsert', 'rawUpdate', and 'rawDelete', all of which indicate direct, raw access to a mobile device’s database.

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (278b09ddb42295dff2bd8c843131f7f3c9d4d793bb42dd797adbc9c6c825a656) The package was found to contain malicious code or consuming dependency that contains malicious code

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / ecinc-cloud-moaxmpp
최초 영향 버전: 0

No fixed version published yet for ecinc-cloud-moaxmpp (npm). Pin to a known-safe version or switch to an alternative.

참고