this post was submitted on 14 Jun 2023
4 points (100.0% liked)

Security News

2458 readers
1 users here now

founded 2 years ago
MODERATORS
jerry@infosec.pub
4
Fake zero-day PoC exploits on GitHub push Windows, Linux malware (www.bleepingcomputer.com)
submitted 1 year ago by execveat@infosec.pub to c/securitynews@infosec.pub
3 comments fedilink hide all child comments
 

Someone created a bunch of github profiles impersonating real researchers alongside fake Twitter accounts. Pretty fascinating, really.

top 3 comments
sorted by: hot top controversial new old
[–] SHITPOSTING_ACCOUNT@feddit.de 1 points 1 year ago

Any attribution?

[–] ambystoma@feddit.de 0 points 1 year ago (1 children)

huh, this is weird. one would think people would use separate machines / vms to test zero day exploits, not their main machines.

[–] execveat@infosec.pub 1 points 1 year ago

They're not even that stealthy. The code is bullshit, gitignore folder is super suspicious and malware is just a binary within the zip file. Clearly meant for script kiddies.