2d ago

FOSS project attacks on Github, malware injected in forks ransomware Linux machines

mhouge.dk /blog/rogue-one-a-malware-story

Apparently there's a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there's a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.

About a dozen other projects linked in here from another developer (excuse the Reddit link): https://old.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/

36 comments

lol, just checked. ~/Documents doesn't even exist on my machine.
- Average arch user
  
  oh oh, I'm a below average arch user. I suspect i copied most of my hoome from debian or something.
  I'll rename it to Dickuments as a security feature.
  
  Hackers gonna wanna Netflix and chill
- Me neither, I nuke the default freedesktop folders on an install because they clutter up my home folder. But I'd imagine we're the exception.