@angristan Wait, is Github just now learning that you shouldn't let random strangers run code on your infrastructure? For free? 😂

@angristan lol this might fuck people that do serious stuff on it

@angristan The Chinese characters in the job title suggest that the purpose of the script is to automatically abuse the login-reward system of the China Unicom website, but the content of the script is different -- it's just a cryptomining script. So I guess it's a "fork" of the original script. I think I have a clue of the identity of the attacker.

@angristan no surprised. A ton of malware uses GitHub as a C2 and GitHub does little to stop it

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!