—

MAL-2026-4709

Malicious code in wallet-agent-ai-radix (npm)

상세

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (60a953d7785091650f4f48e0b038e71ad79788102ffd652bff4bb0e8bf40ea21) dist/agent.js contains a hardcoded Telegram Bot API endpoint (https://api.telegram.org) reached via fetch() with a POST body that includes values from process.env. The bundle co-references wallet-related endpoints (api.astrolescent.com) alongside the Telegram exfiltration channel. A package whose advertised purpose is wallet/agent functionality has no legitimate reason to POST environment data or wallet context to a hardcoded third-party Telegram bot — this is the canonical hardcoded-C2 exfiltration shape, where any installer/operator running this package leaks data to the attacker who controls the embedded bot token.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / wallet-agent-ai-radix

No fixed version published yet for wallet-agent-ai-radix (npm). Pin to a known-safe version or switch to an alternative.

참고

https://www.npmjs.com/package/wallet-agent-ai-radix/v/1.0.0 [PACKAGE]