Fezbox declares that it is a JavaScript/TypeScript library “Common Functions Functions” organized in Modules to make users to choose and select. Her Readme, written in Chinese, includes phrases “types”, “high performance” and “tests” and describes a QR code that could be generated, and it is necessary to analyze codes and automatic belad.
However, he did not mention that the library’s import simply started the backend process that acquired and launched the code hidden in the remote image of the QR code.
The code is a minivied (compressed) and hidden in larger blocks of seemingly benign instructions “without operation (No-OP)” that allow him to circumvent security checks. The specific condition within the code checks where the application runs in the development environment; If it is: “The code does nothing,” Brown explained, noting that this was a typical secret tactic.