Had this user try to do a PR on my webbian
project in hopes of an auto-accept. They literally have a repo called virus
. Reported, of course, but found it funny.
Had this user try to do a PR on my webbian
project in hopes of an auto-accept. They literally have a repo called virus
. Reported, of course, but found it funny.
I suspect that’s not the actual payload , the
anggur-
repo appears to be more suspicious , might try to analyse thathere is the extracted payload : https://gist.github.com/MinekPo1/af9bfd787c35ea5ff8b22165e9a05a6d
Haha, in the past IRC was the way to control puppets, now it seems Telegram is the way. 😅