VDB
GCVE-110-OSM-2026-5946
GCVE-110-OSM-2026-5946
Advisory PublishedCVSS 9.6/10
Malicious package detected. Behaviors: data exfiltration, code execution, obfuscated code.
ENTRY
src/platforms/channeltalk/cli.ts (bin: ./src/platforms/channeltalk/cli.ts)
LOOT
- Discord Token Theft in dist/src/platforms/discord/token-extractor.js: "dQw4w9WgXcQ"
- Discord Token Theft in src/platforms/discord/token-extractor.ts: "dQw4w9WgXcQ"
PERSISTENCE
- Startup Persistence in dist/src/platforms/instagram/client.js: ".profile"
- Startup Persistence in dist/src/platforms/kakaotalk/client.js: ".profile"
- Startup Persistence in dist/src/platforms/line/client.js: ".profile"
- Startup Persistence in dist/src/platforms/slack/client-mappers.js: ".profile"
- Startup Persistence in dist/src/platforms/slack/client.js: ".profile"
- Startup Persistence in dist/src/platforms/slack/commands/channel.js: ".profile"
- Startup Persistence in dist/src/platforms/slack/commands/snapshot.js: ".profile"
- Startup Persistence in dist/src/platforms/slack/commands/user.js: ".profile"
(+39 more)
DESTINATION
- reconstructed: https://i.instagram.com/api/v1/qe/sync/ (primary, reconstructed) in dist/src/platforms/instagram/client.js
- reconstructed: https://my.telegram.org/auth/send_password (reconstructed) in dist/src/platforms/instagram/client.js
- custom-c2: i.instagram.com (reconstructed) in dist/src/platforms/instagram/client.js
- telegram-bot: api.telegram.org/bot<TOKEN (plaintext) in skills/agent-telegrambot/SKILL.md
- telegram-bot: api.telegram.org/botTOKEN/getMe (plaintext) in src/platforms/telegrambot/client.test.ts
- custom-c2: https://api.channel.io/open/v5 (plaintext) in dist/src/platforms/channeltalkbot/client.js
- custom-c2: https://msgapi.teams.live.com/v1 (plaintext) in dist/src/platforms/teams/client.js
- custom-c2: https://webexapis.com/v1 (plaintext) in dist/src/platforms/webex/client.js
(+20 more)
EXFIL
- Git Configuration Access in .github/workflows/release.yml: "git config user.name"
- Data Encoding for Exfiltration in dist/src/platforms/channeltalkbot/client.js: "encodeURIComponent(name)}`, undefined, 'group"
- Data Encoding for Exfiltration in dist/src/platforms/discord/client.js: "encodeURIComponent(emoji"
- Data Encoding for Exfiltration in dist/src/platforms/discord/super-properties.js: "btoa("
- Data Encoding for Exfiltration in dist/src/platforms/discordbot/client.js: "encodeURIComponent(emoji"
- Data Encoding for Exfiltration in dist/src/platforms/instagram/client.js: "encodeURIComponent(query)}&count=10"
- Data Encoding for Exfiltration in dist/src/platforms/slack/token-extractor.js: "Buffer.from(script, 'utf16le').toString('base64')"
- Data Encoding for Exfiltration in dist/src/platforms/teams/client.js: "encodeURIComponent(chatId"
(+56 more)
OBFUSCATION
- Dynamic Base64 Decoding in dist/src/platforms/kakaotalk/protocol/crypto.js: "Buffer.from(LOCO_RSA_PUBLIC_KEY_DER_B64, 'base64')"
- Dynamic Base64 Decoding in dist/src/platforms/slack/token-extractor.js: "Buffer.from(encryptedKeyB64, 'base64')"
- Dynamic Base64 Decoding in dist/src/platforms/webex/client.js: "Buffer.from(roomId, 'base64')"
- Dynamic Base64 Decoding in dist/src/shared/chromium/decryptor.js: "Buffer.from(b64, 'base64')"
- Dynamic Base64 Decoding in dist/src/vendor/linejs/base/e2ee/mod.js: "Buffer.from(key, "base64")"
- Dynamic Base64 Decoding in dist/src/vendor/linejs/base/login/mod.js: "Buffer.from(secretPK, "base64")"
- Dynamic Base64 Decoding in src/platforms/kakaotalk/protocol/crypto.ts: "Buffer.from(LOCO_RSA_PUBLIC_KEY_DER_B64, 'base64')"
- Dynamic Base64 Decoding in src/platforms/slack/token-extractor.ts: "Buffer.from(encryptedKeyB64, 'base64')"
(+17 more)
ADDITIONAL FINDINGS
- Stealth Background Process Spawning in dist/src/platforms/discord/token-extractor.js: "spawn(appPath, args, { detached: true, stdio: 'ignore', }).unref(); } else if (t..."
- Reconstructed Obfuscated URL in dist/src/platforms/instagram/client.js: "https://i.instagram.com/api/v1/qe/sync/"
- Download Execute Delete Pattern in dist/src/platforms/kakaotalk/commands/auth.js: "execSync } = require('node:child_process'); if (process.platform === 'darwin') {..."
- Shell Command Execution in dist/src/platforms/channeltalk/token-extractor.js: "execSync("
- Silent Process Execution in dist/src/platforms/discord/token-extractor.js: "stdio: 'ignore'"
- Detached Child Process Payload in dist/src/platforms/discord/token-extractor.js: "spawn(appPath, args, { detached: true"
(+2 more)
PAYLOAD FILES
src/platforms/webex/types.test.ts
INDICATORS (IOCs)
- ipv4: 1.31.38.89, 3.5.7.9, 1.5.75.75, 203.0.113.10, 1.1.0.1
- urls: https://agent-messenger.dev/docs/cli/slack, https://agent-messenger.dev/docs/cli/discord, https://agent-messenger.dev/docs/cli/teams, https://agent-messenger.dev/docs/cli/webex, https://agent-messenger.dev/docs/cli/telegram (+38 more)
- domains: agent-messenger.dev, agentskills.io, skillpad.dev, badge.skillpad.dev, skills.sh (+28 more)
- emails: 123456789-123345@g.us, id@g.us, guid1_guid2@unq.gbl.spaces, Generated@developer.webex.com, 987654321-654321@g.us (+6 more)
- sha256Hashes: e90806657443a7f16093c0846690aeeea96cd2b3ed9b79cf544297c526b4f9af, abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890
- payloadFileHash: b12a0f861506341ad5ec91d9c5c723d0bd4e56e47cce6b2d21e0f26de5296271
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | agent-messenger | 2.20.3 (affected) | — |
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.