VDB
EN

MAL-2026-10129

Malicious code in rtc-integration-frontend-sdk (npm)

상세

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (acfd49527fb8be1135feb424b68f6c46779ba146d8372d276eac1735770d6e5a) rtc-integration-frontend-sdk@99.9.0 registers a postinstall lifecycle hook ("postinstall": "node index.js") that fires automatically on npm install. index.js collects installer host reconnaissance — os.hostname(), userInfo().username, platform/arch, local network interface addresses, the public IP resolved via a call to https://api.ipify.org, the current working directory, and the package name — and POSTs the collected data to a hardcoded Discord webhook at discord.com/api/webhooks/. The package name and 99.9.0 version shape are consistent with a typosquat/version-bump lure; installing the package causes unconditional install-time exfiltration of host identifiers to an attacker-controlled endpoint.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / rtc-integration-frontend-sdk

No fixed version published yet for rtc-integration-frontend-sdk (npm). Pin to a known-safe version or switch to an alternative.

참고