@sbxapps/sbx-operations-administration-fieldservicetools-ui@45.0.5
Ships fake React components (Button, Card, Modal) as cover for a 33KB obfuscated credential stealer in scripts/preflight-check.js. It exfiltrates system information, environment variables, and credentials to a Slack webhook using double base64 + charCode encoding, with hash-based deduplication to avoid sending duplicates.
@sbxapps/sbx-operations-administration-fieldservicetools-ui@45.0.5 ships fake React components (Button, Card, Modal) as cover for a 33KB obfuscated credential stealer that exfiltrates data to a Slack webhook via double base64 + charCode encoding.
dist/components/Button.js — 800B (real but trivial React component)
dist/components/Card.js — 635B
dist/components/Modal.js — 726B
dist/components/Input.js — 92B
dist/index.js — 575B
scripts/preflight-check.js — 33,612B ← THE PAYLOAD
scripts/postflight-verify.js — 1,358B
The payload uses double base64 + charCode arrays to hide a Slack webhook:
var s=[_d([97,72,82,48,99,72,77,54,76,121,...]), // base64 of base64
_d([86,68,65,120,77,86,100,76,85,70,...]),
_d([81,106,66,66,85,84,81,119,86,107,...]),
_d([81,85,49,106,101,72,74,50,99,107,...])];
Decoded result:
https://hooks.slack.com/services/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
The payload collects system information, environment variables, and credentials, then sends them to the Slack webhook in 50KB chunks. It uses hash-based deduplication so the same data is not sent twice.
The double base64 + charCode encoding is specifically designed to evade both string-matching scanners and simple base64 decoders. Our scanner caught it because of the fromCharCode pattern, but the actual webhook URL required two rounds of decoding to extract.
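To show the layering the scanner had to unwind, here is an added decoder (example code, not the package's own and not npm-sentinel's): it turns the char-code arrays back into text and peels base64 layers until the result stops being base64, covering both a string encoded per fragment and one encoded whole and then split. The placeholder URL and the fixture builder are constructed for this example and are not the indicator quoted above.

```javascript
// Added example (not the package's code); the fixture is CONSTRUCTED, not the report's IoC.
const BASE64 = /^[A-Za-z0-9+/]+={0,2}$/;
const PRINTABLE = /^[\x20-\x7e]+$/;

// Strip one base64 layer; null when `text` is not base64 or decodes to non-printable
// bytes (one layer too far). Heuristic: plaintext that looks like base64 is decoded once too often.
function decodeLayer(text) {
  if (text.length % 4 !== 0 || !BASE64.test(text)) return null;
  const out = Buffer.from(text, 'base64').toString('latin1');
  return PRINTABLE.test(out) ? out : null;
}

// Peel base64 layers until the text stops being base64 (bounded by maxRounds).
function peel(text, maxRounds = 8) {
  let rounds = 0;
  for (; rounds < maxRounds; rounds++) {
    const next = decodeLayer(text);
    if (next === null) break;
    text = next;
  }
  return { value: text, rounds };
}

// `fragments` are arrays of char codes, i.e. what String.fromCharCode consumes.
// Two layouts are covered: every fragment encoded on its own, or one encoded string
// split into fragments. All-or-nothing: fragments are decoded separately only when
// each of them decodes; otherwise the joined string is peeled as a whole.
function decodeFragments(fragments) {
  const raw = fragments.map((codes) => String.fromCharCode(...codes));
  const per = raw.map((s) => peel(s));
  const joined = per.every((p) => p.rounds > 0)
    ? per.map((p) => p.value).join('')
    : raw.join('');
  return peel(joined).value;
}

// Fixture builder for tests (constructed, not the package's encoder): wrap `plain`
// in `rounds` base64 layers, then split it into char-code arrays of `chunk` length.
function buildFixture(plain, rounds, chunk) {
  let text = plain;
  for (let i = 0; i < rounds; i++) text = Buffer.from(text, 'latin1').toString('base64');
  const fragments = [];
  for (let i = 0; i < text.length; i += chunk) {
    fragments.push(Array.from(text.slice(i, i + chunk), (c) => c.charCodeAt(0)));
  }
  return fragments;
}

const PLACEHOLDER = 'https://hooks.slack.com/services/EXAMPLE/PLACEHOLDER/NOT-A-REAL-TOKEN';
```

Running `decodeFragments(buildFixture(PLACEHOLDER, 2, 10))` returns the placeholder URL; the same call over the arrays captured from a sample is how the hidden string is recovered during triage.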
Indicators:
hooks.slack.com/services/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
github.com/internal/ (non-existent)
Detected by: npm-sentinel automated scanner
Date: 2026-04-03