☆ Yσɠƚԋσʂ ☆@lemmy.ml to Technology@lemmy.mlEnglish · 8 months agoGitHub is under automated attack by millions of cloned repositories filled with malicious codewww.pcgamer.comexternal-linkmessage-square5fedilinkarrow-up10arrow-down10cross-posted to: technology@lemmy.world
arrow-up10arrow-down1external-linkGitHub is under automated attack by millions of cloned repositories filled with malicious codewww.pcgamer.com☆ Yσɠƚԋσʂ ☆@lemmy.ml to Technology@lemmy.mlEnglish · 8 months agomessage-square5fedilinkcross-posted to: technology@lemmy.world
minus-squareCheradenine@sh.itjust.workslinkfedilinkEnglisharrow-up0·8 months agoThis is bad, but only seems to be related to forks from main (correct me if I am wrong). So if you go to source, you should be OK. ‘adding its own malicious code which is concealed under seven layers of obfuscation’ Behind seven vpns?
minus-squareHeratiki@lemmy.mllinkfedilinkarrow-up0·8 months agoI’m thinking the code is obfuscated by random calls to various functions so that the code block isn’t just one section you can easily see but sprinkled throughout instead.
minus-squareCheradenine@sh.itjust.workslinkfedilinkEnglisharrow-up0·8 months agoYes that seems like the case, it just struck me as funny
minus-squarei_am_not_a_robot@discuss.tchncs.delinkfedilinkEnglisharrow-up0·8 months agoYou’re not OK. Not all forks are labeled as forks.
This is bad, but only seems to be related to forks from main (correct me if I am wrong). So if you go to source, you should be OK.
‘adding its own malicious code which is concealed under seven layers of obfuscation’
Behind seven vpns?
I’m thinking the code is obfuscated by random calls to various functions so that the code block isn’t just one section you can easily see but sprinkled throughout instead.
Yes that seems like the case, it just struck me as funny
You’re not OK. Not all forks are labeled as forks.