VDB
EN

MAL-2026-10669

Malicious code in dbconnectify (npm)

상세

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (e23c446b06120537793ebc07d748d8de5334ae4ec6779bda5368885c72216e81) The package exposes a method queryDBConnect that performs an HTTP GET against a URL stored as a base64-encoded constant (HASH_KEY) decoded at runtime via atob(). The decoded endpoint is https://api.jsonsilo.com/public/bbc58e47-8c79-4653-ab75-d94e69230854, a third-party JSON-hosting service whose content is mutable by whoever controls the record. The fetched JavaScript source is passed to Node's internal Module._compile as "errorcheck.js", loading and executing attacker-controlled code in the installer's process. A database connector library has no functional need to load remote code, and hiding the endpoint behind base64 obfuscation is characteristic of evasion rather than legitimate configuration.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / dbconnectify

No fixed version published yet for dbconnectify (npm). Pin to a known-safe version or switch to an alternative.

참고