Fake zero-day PoC exploits on GitHub push Windows, Linux malware (www.bleepingcomputer.com)

submitted 1 year ago by execveat@infosec.pub to c/securitynews@infosec.pub

3 comments fedilink hide all child comments

Someone created a bunch of github profiles impersonating real researchers alongside fake Twitter accounts. Pretty fascinating, really.

you are viewing a single comment's thread
view the rest of the comments

[-] ambystoma@feddit.de 2 points 1 year ago

huh, this is weird. one would think people would use separate machines / vms to test zero day exploits, not their main machines.

permalink
fedilink
source
hideshow 2 child comments

[-] execveat@infosec.pub 4 points 1 year ago

They're not even that stealthy. The code is bullshit, gitignore folder is super suspicious and malware is just a binary within the zip file. Clearly meant for script kiddies.

permalink
fedilink
source
parent

this post was submitted on 14 Jun 2023

10 points (100.0% liked)

Security News

2279 readers

3 users here now

founded 1 year ago

MODERATORS

jerry@infosec.pub