[baalware]

Whoever keeps fetching code from GitHub, beware! I just found, within an import created two days ago, a thief of 1801 lines of code that steals everything from your computer, including your bitcoins. From what I saw, the import was present in 16 repositories.

https://pbs.twimg.com/media/Fz2M1i8XsAUW...ame=medium

The information was being sent to a Discord webhook, and the entire script within the import was encrypted using the Fernet module. So, I created a small script to decrypt it since the key was available within the import.

.

Name of the import with the malicious script.

import pythoncryptolibraryV2

[lord_x]

Fucking scammers everywhere bro .. Nice share!

[pyro119]

Thanks for the tip, I will look out for this in the future as I get allot of code from github

[thrax]

>The information was being sent to a Discord webhook
You can send a DELETE request to the webhook and it will be deleted, unless they are using some sort of proxy but since you know it's webhook I doubt it.

[koko]

Create a little script to spam the webhook with dummy data I guess.

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Attempted Scamming | https://breachforums.rs/Forum-Ban-Appeals if you feel this is incorrect.

[joepa]

Thank you for sharing my script :-D

[pyro119]

Thanks for the warning, in retrospect it should be obvious but Ive taken for granted the safety of github code. 

Personally if I am doing something iffy I just run it in a virtual machine on an external SSD and disable file sharing with the host

[happenstance]

wonder if it was repo-jacking or just idiot devs. have to be diligent as hell with github, thanks for the reminder

[azathothunlimited]

hq report. thanks for the heads up

[Leukemia]

beware xD

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Self-Ban | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you wish to be unbanned in the future.