PkgRadar

npm · registry.npmjs.org

@iicp/client

Js Obfuscated Fetch Exec: Hex-decoded literal + network fetch + child-process exec — staged obfuscated-loader / dropper (hides the C2 URL from literal-URL detection).

Why PkgRadar flagged 0.7.63

SeveritySignalEvidence
highJs Obfuscated Fetch ExecHex-decoded literal + network fetch + child-process exec — staged obfuscated-loader / dropper (hides the C2 URL from literal-URL detection). · package/dist/cli.js
mediumTls Verification Disabledmatched "NODE_TLS_REJECT_UNAUTHORIZED=0" · package/dist/client.js

Scanned versions

VersionVerdictScoreScanned (UTC)
0.7.63High risk572026-06-20
0.7.62Low risk02026-06-13
0.7.61Low risk02026-06-13
0.7.60Low risk02026-06-13
0.7.59Low risk02026-06-12
0.7.57Low risk02026-06-12
0.7.58Low risk02026-06-12
0.7.56Low risk02026-06-12
0.7.54Low risk02026-06-11
0.7.51Low risk02026-06-10
0.7.50Low risk02026-06-10
0.7.48Low risk02026-06-10
0.7.46Low risk02026-06-08
0.7.45Low risk02026-06-08
0.7.44Low risk02026-06-08
0.7.43Low risk02026-06-08
0.7.42Low risk02026-06-08
0.7.40Low risk02026-06-07
0.7.39Low risk02026-06-07
0.7.38Low risk02026-06-07
0.7.37Low risk02026-06-05
0.7.36Low risk02026-06-03
0.7.35Low risk02026-06-03
0.7.32Low risk02026-06-03
0.7.12Low risk02026-05-30
0.7.11Low risk02026-05-29
0.7.10Low risk02026-05-29
0.7.8Low risk02026-05-29
0.7.6Low risk02026-05-29
0.7.7Low risk02026-05-29
0.7.3Low risk02026-05-29
0.7.5Low risk02026-05-29
0.5.6Low risk02026-05-27
0.5.7Low risk02026-05-27
0.5.3Low risk02026-05-27
0.5.4Low risk02026-05-27
0.2.0Low risk02026-05-25

Related campaigns

Block this in CI

PkgRadar gates @iicp/client (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @iicp/[email protected]
Start free — 25 scans / moView full evidence