GitHub exploit user calls their payload virus (lemmy-ui.nowsci.com:33443)

submitted 1 month ago by fmstrat@lemmy.nowsci.com to c/programmer_humor@programming.dev

11 comments fedilink hide all child comments

Had this user try to do a PR on my webbian project in hopes of an auto-accept. They literally have a repo called virus. Reported, of course, but found it funny.

you are viewing a single comment's thread
view the rest of the comments

[-] MinekPo1@lemmygrad.ml 4 points 1 month ago

I suspect that's not the actual payload , the anggur- repo appears to be more suspicious , might try to analyse that

[-] MinekPo1@lemmygrad.ml 2 points 1 month ago

here is the extracted payload : https://gist.github.com/MinekPo1/af9bfd787c35ea5ff8b22165e9a05a6d

[-] MinekPo1@lemmygrad.ml 2 points 1 month ago

the other mentioned repo has the same payload soooo

[-] MinekPo1@lemmygrad.ml 1 points 1 month ago

also : https://github.com/Kingcy78/NEW/blob/main/1#L551-L570

high quality malware !

[-] Scoopta@programming.dev 1 points 1 month ago

I can't help but wonder given the lewd imagery if the name kingcy is a play on "kinky"...

[-] MinekPo1@lemmygrad.ml 1 points 1 month ago

doubt it , since they shorten their username to CY78 , for example on their youtube channel profile or in the vaguely lewd unicode art

[-] pfm@scribe.disroot.org 1 points 1 month ago

Haha, in the past IRC was the way to control puppets, now it seems Telegram is the way. 😅

this post was submitted on 19 Dec 2024

74 points (98.7% liked)

Programmer Humor

20033 readers

1680 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 2 years ago

MODERATORS

Feyter@programming.dev

anzo@programming.dev

BurningTurtle@programming.dev

pylapp@programming.dev