Had this user try to do a PR on my webbian project in hopes of an auto-accept. They literally have a repo called virus. Reported, of course, but found it funny.
You must log in or register to comment.
... rm -rf /sdacrd/androind ...I don’t even think this guy tested his own virus lol
maybe it was all crappy and obvious on purpose, to prove how easy it could be
I suspect that’s not the actual payload , the
anggur-repo appears to be more suspicious , might try to analyse thathere is the extracted payload : https://gist.github.com/MinekPo1/af9bfd787c35ea5ff8b22165e9a05a6d
the other mentioned repo has the same payload soooo
also : https://github.com/Kingcy78/NEW/blob/main/1#L551-L570
high quality malware !
Haha, in the past IRC was the way to control puppets, now it seems Telegram is the way. 😅
