https://oob.moika.tech/report
Exfiltration endpoint. Receives HTTP POST with process.env, hostname, username, platform, arch, cwd, Node.js version, and X-Secret authentication header.
discovered 2026-05-28
Campaigns
Linked packages
- npm@cloudplatform-single-spa/billingexfiltrates-to
- npm@car-loans/mobile-car-loans-applicationexfiltrates-to
- npm@mlspace/shared-storageexfiltrates-to
- npm@fb-deposit/form-depositexfiltrates-to
- npm@debit-ib/mobile-debit-ib-additional-card-formexfiltrates-to
- npm@t-in-one/add_applicationexfiltrates-to
- npm@capibar.chat/ui-kitexfiltrates-to
- npm@sber-ecom-core/sberpay-widgetexfiltrates-to
