I have no words to thank everyone for helping yesterday.
-
RE: https://social.lol/@otaviocc/116076383907156741
I have no words to thank everyone for helping yesterday.
Great news: Yesterday on the omg.lol IRC server, folks investigated and discovered the GitHub account was part of a network of bots. These bots republish open source projects, modifying their READMEs with malicious links, and distribute Windows malware through fake builds.
After documenting the findings, we reported everything to GitHub. Within hours, they took down the repositories and an account for violating their Terms and Code of Conduct.
Thank you for investigating, reporting, and sending coffee. You're all amazing!
I planned to write a blog post today, but @brennan already wrote something better than I could. You should read it:
The Curious Case of the Triton Malware Fork
Today, a weird malware distribution campaign targeting users of omg.lol and Triton, an open-source macOS client of omg.lol, was found. The attack leverages the trust of GitHub, creating a malicious fork where the download link has been replaced with malware hidden in presented .zip file.
brennan.day (brennan.day)
Many thanks to @brennan, @chilli, @adam, mattl, @cygnoir, @annika, @jarunmb, and everyone else who helped!
-
RE: https://social.lol/@otaviocc/116076383907156741
I have no words to thank everyone for helping yesterday.
Great news: Yesterday on the omg.lol IRC server, folks investigated and discovered the GitHub account was part of a network of bots. These bots republish open source projects, modifying their READMEs with malicious links, and distribute Windows malware through fake builds.
After documenting the findings, we reported everything to GitHub. Within hours, they took down the repositories and an account for violating their Terms and Code of Conduct.
Thank you for investigating, reporting, and sending coffee. You're all amazing!
I planned to write a blog post today, but @brennan already wrote something better than I could. You should read it:
The Curious Case of the Triton Malware Fork
Today, a weird malware distribution campaign targeting users of omg.lol and Triton, an open-source macOS client of omg.lol, was found. The attack leverages the trust of GitHub, creating a malicious fork where the download link has been replaced with malware hidden in presented .zip file.
brennan.day (brennan.day)
Many thanks to @brennan, @chilli, @adam, mattl, @cygnoir, @annika, @jarunmb, and everyone else who helped!
-
RE: https://social.lol/@otaviocc/116076383907156741
I have no words to thank everyone for helping yesterday.
Great news: Yesterday on the omg.lol IRC server, folks investigated and discovered the GitHub account was part of a network of bots. These bots republish open source projects, modifying their READMEs with malicious links, and distribute Windows malware through fake builds.
After documenting the findings, we reported everything to GitHub. Within hours, they took down the repositories and an account for violating their Terms and Code of Conduct.
Thank you for investigating, reporting, and sending coffee. You're all amazing!
I planned to write a blog post today, but @brennan already wrote something better than I could. You should read it:
The Curious Case of the Triton Malware Fork
Today, a weird malware distribution campaign targeting users of omg.lol and Triton, an open-source macOS client of omg.lol, was found. The attack leverages the trust of GitHub, creating a malicious fork where the download link has been replaced with malware hidden in presented .zip file.
brennan.day (brennan.day)
Many thanks to @brennan, @chilli, @adam, mattl, @cygnoir, @annika, @jarunmb, and everyone else who helped!
@otaviocc on the other hand I now know about Triton and Iβll try it. It looks pretty sweet.
-
RE: https://social.lol/@otaviocc/116076383907156741
I have no words to thank everyone for helping yesterday.
Great news: Yesterday on the omg.lol IRC server, folks investigated and discovered the GitHub account was part of a network of bots. These bots republish open source projects, modifying their READMEs with malicious links, and distribute Windows malware through fake builds.
After documenting the findings, we reported everything to GitHub. Within hours, they took down the repositories and an account for violating their Terms and Code of Conduct.
Thank you for investigating, reporting, and sending coffee. You're all amazing!
I planned to write a blog post today, but @brennan already wrote something better than I could. You should read it:
The Curious Case of the Triton Malware Fork
Today, a weird malware distribution campaign targeting users of omg.lol and Triton, an open-source macOS client of omg.lol, was found. The attack leverages the trust of GitHub, creating a malicious fork where the download link has been replaced with malware hidden in presented .zip file.
brennan.day (brennan.day)
Many thanks to @brennan, @chilli, @adam, mattl, @cygnoir, @annika, @jarunmb, and everyone else who helped!
-
RE: https://social.lol/@otaviocc/116076383907156741
I have no words to thank everyone for helping yesterday.
Great news: Yesterday on the omg.lol IRC server, folks investigated and discovered the GitHub account was part of a network of bots. These bots republish open source projects, modifying their READMEs with malicious links, and distribute Windows malware through fake builds.
After documenting the findings, we reported everything to GitHub. Within hours, they took down the repositories and an account for violating their Terms and Code of Conduct.
Thank you for investigating, reporting, and sending coffee. You're all amazing!
I planned to write a blog post today, but @brennan already wrote something better than I could. You should read it:
The Curious Case of the Triton Malware Fork
Today, a weird malware distribution campaign targeting users of omg.lol and Triton, an open-source macOS client of omg.lol, was found. The attack leverages the trust of GitHub, creating a malicious fork where the download link has been replaced with malware hidden in presented .zip file.
brennan.day (brennan.day)
Many thanks to @brennan, @chilli, @adam, mattl, @cygnoir, @annika, @jarunmb, and everyone else who helped!
-
RE: https://social.lol/@otaviocc/116076383907156741
I have no words to thank everyone for helping yesterday.
Great news: Yesterday on the omg.lol IRC server, folks investigated and discovered the GitHub account was part of a network of bots. These bots republish open source projects, modifying their READMEs with malicious links, and distribute Windows malware through fake builds.
After documenting the findings, we reported everything to GitHub. Within hours, they took down the repositories and an account for violating their Terms and Code of Conduct.
Thank you for investigating, reporting, and sending coffee. You're all amazing!
I planned to write a blog post today, but @brennan already wrote something better than I could. You should read it:
The Curious Case of the Triton Malware Fork
Today, a weird malware distribution campaign targeting users of omg.lol and Triton, an open-source macOS client of omg.lol, was found. The attack leverages the trust of GitHub, creating a malicious fork where the download link has been replaced with malware hidden in presented .zip file.
brennan.day (brennan.day)
Many thanks to @brennan, @chilli, @adam, mattl, @cygnoir, @annika, @jarunmb, and everyone else who helped!
-
R relay@relay.publicsquare.global shared this topicR relay@relay.mycrowd.ca shared this topic
!
