—

MAL-2026-4823

Malicious code in msc-terminal (npm)

상세

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (eec05fa3df0248b788635026129e1ca42d37887fe05235f20f2e9ad6f0ad6f27) Cross-platform infostealer/RAT. postinstall installs obfuscated payload.js as 'MicrosoftSystem64' persistence (schtasks/launchctl/systemd). Keylogger w/ password-field detection, 27-wallet drainer, browser+SSH cred exfil, HuggingFace as covert C2.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / msc-terminal

No fixed version published yet for msc-terminal (npm). Pin to a known-safe version or switch to an alternative.

참고

https://www.npmjs.com/package/msc-terminal/v/3.2.0 [PACKAGE]