More than a hundred backdoored malware repos traced to single GitHub user
Technology
4
Beiträge
3
Kommentatoren
6
Aufrufe
-
This post did not contain any content.
The strange tale of ischhfd83: When cybercriminals eat their own
A simple customer query leads to a rabbit hole of backdoored malware and game cheats
Sophos News (news.sophos.com)
-
This post did not contain any content.
The strange tale of ischhfd83: When cybercriminals eat their own
A simple customer query leads to a rabbit hole of backdoored malware and game cheats
Sophos News (news.sophos.com)
Well that's certainly no light read - I'll admit that I've only read the first six sections of the document for now
The crux of it that I could see was the initial repo that was backdoored contained a malicious Windows command in the PreBuildCommand field of .vbproj file
My initial thoughts would be that it might be advisable for build tools to confirm any defined build commands with the user when it detects a command not seen before?
I suppose otherwise the argument could be made that if you're downloading and compiling code that is backdoored, if you're not checking .vbproj or equivalents, you're probably also not auditing any source code either and you're being pwned either way.
-
Well that's certainly no light read - I'll admit that I've only read the first six sections of the document for now
The crux of it that I could see was the initial repo that was backdoored contained a malicious Windows command in the PreBuildCommand field of .vbproj file
My initial thoughts would be that it might be advisable for build tools to confirm any defined build commands with the user when it detects a command not seen before?
I suppose otherwise the argument could be made that if you're downloading and compiling code that is backdoored, if you're not checking .vbproj or equivalents, you're probably also not auditing any source code either and you're being pwned either way.
A lot of malware-adjacent stuff, like exploit demonstration code, has contained its own malware targeting the user. Probably best to run stuff like that in a container or VM.
-
A lot of malware-adjacent stuff, like exploit demonstration code, has contained its own malware targeting the user. Probably best to run stuff like that in a container or VM.
Agreed - the end of the article does state compiling untrusted repos is effectively the same as running an untrusted executable, and you should treat it with the same caution (especially if its malware or gaming cheat adjacent)
-
-
-
[🇨🇭Switzerland] Google, X/Twitter and Other Online Services are Set to Pay Copyright Fees for Displaying Short Extracts From Newspaper Articles.
Technology
1
-
Trump extends the TikTok ban deadline for a third time; there is no legal basis for the extensions and it is unclear how many times the deadline can be extended
Technology
1
-
-
-
-
