Feels like just adding a direct "don't send as paypal, apple etc" rules would probably work though.
Funny enough if I stayed at Google another year I would have been lucky enough to fix it myself and make an actually decent spam blocker.
> This is still coming. The work is being completed now and we will be able to expose it in a few months.
I'm glad the official response has no date associated, so you won't know whether they published that yesterday or 8 years ago.
> Sounds like deleting a VM in Azure is as tedious as trying to manage resources in a complex role-playing game—one wrong step, and you’re stuck dealing with frustrating dependencies! If you’re tired of that kind of hassle, maybe it’s time to switch things up with Download SpinRP. Instead of deleting VMs in the right order, you can dive into an immersive world where strategy and excitement go hand in hand. Why deal with a “big fat pink error” when you could be making big moves in SpinRP instead?
<acknowledge and describe post you're replying to, use at least one "—"> <shill> <shill + acknowledge>
How hard could it be to add "add a few grammatical and spelling mistakes. Use no emojis. Reply like someone on instagram" or something to the system prompt? I shouldn't give them ideas, but come on, that's low hanging fruit.
Cherry on top: you used to pay to have an MSDN membership and access this wonderful community.
To be fair though, the early MSDN was really good, and in a distant past MVP was a real achievement (say early 2000s). Now it's a weird mix of real issues and "my printer blinks red, how to fix?"
I don't think anyone reads MSDN at Microsoft anymore, it's a deadland, but I guess they generate some metrics of user engagement and product feedback from there.
"We only sell the shovels, we don't use them, we don't think we have any holes needing dug."
I’ve found Discord to be responsive to abuse complaints in the past. If someone wrote a simple script to download these repos and extract the Discord webhook links I bet you could get Discord to shut down their accounts.
In my past experience Discord was aggressive about this, going so far as to ban the accounts of people who had participated on those servers with clearly illegal purposes. They’ll come back and make new accounts again, of course, but having them lose all of their connected servers, history, and requiring them to update every single one of their malware drops should slow them down considerably.
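The script suggested above, pulling webhook links out of already-downloaded repositories to attach to an abuse report, as an added example (not part of the thread or code anyone posted). The URL pattern, function names and sample strings are assumptions constructed here; files are only read, never executed.

```python
import re
from pathlib import Path

# Assumed URL shape: discord.com or discordapp.com, optional canary/ptb
# subdomain, optional /v<N> API version, then /webhooks/<id>/<token>.
WEBHOOK_RE = re.compile(
    r"https://(?:(?:canary|ptb)\.)?discord(?:app)?\.com/api/(?:v\d+/)?webhooks/"
    r"(?P<id>\d+)/(?P<token>[A-Za-z0-9_-]+)"
)

# Constructed sample: a fake config naming the same webhook via two hosts,
# plus a harmless documentation link that must not match.
SAMPLE = '''
WEBHOOK = "https://discord.com/api/webhooks/123456789012345678/CONSTRUCTED-token_0000000000"
backup = 'https://discordapp.com/api/v10/webhooks/123456789012345678/CONSTRUCTED-token_0000000000'
docs = "https://discord.com/developers/docs/resources/webhook"
'''

def find_webhooks(text):
    """Return (webhook_id, url) pairs, one per webhook id, in first-seen order."""
    seen = {}
    for m in WEBHOOK_RE.finditer(text):
        seen.setdefault(m.group("id"), m.group(0))
    return list(seen.items())

def scan_tree(root, max_bytes=2_000_000):
    """Map webhook id -> {"url", "files"} for every file under root."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or path.stat().st_size > max_bytes:
            continue  # skip directories and oversized blobs
        text = path.read_bytes().decode("utf-8", errors="ignore")
        for wid, url in find_webhooks(text):
            entry = report.setdefault(wid, {"url": url, "files": []})
            entry["files"].append(str(path.relative_to(root)))
    return report

def redact(url):
    """Mask the token so the URL can go into tickets and logs safely."""
    m = WEBHOOK_RE.fullmatch(url)
    return url[: m.start("token")] + "<token redacted>"

if __name__ == "__main__":
    for wid, url in find_webhooks(SAMPLE):
        print(wid, redact(url))
```

This only finds webhooks stored as plain text; encoded or split strings need a decoding pass first.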
The responsible thing would be also to release all related data, including personal information (IP addresses, emails, list of contacts, chat logs) to investigation (police, etc)
I don’t get visibility into internal Discord operations, though. We just see that the perpetrators lost both their Discord server and their accounts disappeared from other Discords they were in. They angrily returned later with new usernames.
there's a large variety of malware, they don't all phone home the same way and they don't all phone home to discord
I’m not saying every malware uses Discord. I’m talking about the article.
Discord is free and easy. The notification pops up right where they’re already chatting with each other for 16 hours every single day.
Renting a VPS and writing custom software to accept a POST request requires a credit card, programming skill, and time.
This trains people that do a lot of piracy to be used to turning off their antivirus to let something through, which is fine until it's not. It's like drugs, if we know a subset of the population will do them no matter what, we should make it safe for them to the extent we can. False positives, causing people to ignore actual positives, creates a market for these things.
You also need to look at the bigger picture: Keygens are something you very much do not want anywhere in a corporate environment for obvious reasons. Being able to flag them on Windows machines is very valuable.
There's something seriously wrong with A/V heuristics.
It’s extremely annoying. It’s my code, stop deleting it. It’s not malware.
Serious question. The repos aren't themselves doing harm, are valuable for research, and would be distributed some other way if GH removed them. Maybe a banner “be careful! others have reported that this repo may not do what it claims. proceed with caution” would be a more appropriate response?
Yes they are. Did you read the part about the people doing this and getting 50-100 compromised computers per day? They’re stealing accounts and crypto with these.
> are valuable for research,
Research into how they’re harming people? The research is done. Time to move to fixing it.
> and would be distributed some other way if GH removed them.
This is like saying we shouldn’t wear seatbelts because some people will still die in car crashes anyway.
You don’t avoid improving a situation just because you can’t perfectly fix it globally. You address what you can and reduce the problem.
So, sounds like the Github team should take some action here.
Yes they are. They are being used as delivery mechanism for malware.
Yes they are, they're distributing malware
> are valuable for research
Marginally, at best
> and would be distributed some other way if GH removed them
Another way that wasn't so well SEO-optimized and didn't carry the Github halo.
Maybe? But definitely to less people? I don't see the argument for allowing them.
personally if i post such things i will either ensure it has detections everywhere or somehow neuter it. usually for research you dont really need to have fully functioning malware. just enough to prove some question. so despite posting sources of malware being ok, and it being available in lots of places, i do think, especially for advanced things, its better not to contribute it freely... but to each their own. i'd advise strongly against just outright posting functional cyber weapons, not because its illegal, but simply because its really not needed. there is more bad potential than positive use compared to broken or incomplete versions.
Just curl -X DELETE https://discord.com/api/webhooks/[...]
In other cases you may need additional headers to authenticate, but if the script you've found contains the URL, it probably also contains the auth header too.
All you do is send a DELETE request to the URL.
curl -X DELETE https://discord.com/api/webhooks/1050437982584324138/VJByvmBKESSUv4fYn0LIjlBR4VzMRTEPOKVJoWFvCeHd7o3LtclQMJDMuiLzT57iqn7B
{"message": "Unknown Webhook", "code": 10015}
If I download and install a mod for minecraft, it should never have access to anything on my computer, except for the minecraft game files itself. If I open a spreadsheet in Excel, the excel process should have access only to that file and its own config files.
Something similar to how android works, where the app has to explicitly ask the user to access their files.
Yes, qubes is harder, but it's also very niche, barely supported, and difficult to use.
There's really a lot of middle ground between "any application can do whatever on your system as the user running it" and "any application runs in a separate OS with no rights and just 120 lines of hardened hypervisor code in common".
So ya, you've just broken a thousand enterprise applications and integrations.
I also deleted files on the file sharing websites, such as mediafire and mega.
My abuse emails followed the clear and understandable email template: your service is hosting malware, here's the link, it's password protected and the password is X, here are virustotal results, here's the original repo which it impersonates, and I want you to delete it.
When searching for it I found multiple, some had download from github repos. None was looking trustworthy enough, so I didn't download any. But I hesitated a little.
From how they looked, I think now that was the kind of malware the author describes.
Waiting six months for Github to remove malicious repositories is unacceptable.
Most fun you can have is to generate real-like looking data (there are tools for that) and mass send them to these discord webhooks.
;-)
Also, I am seeing firsthand that AI is not good at detecting this stuff. Claude's main problem in a code review of one of its descendants was the unethical use of an aim-bot.
edit: to clarify, my concern is about how this can exist on Github for 3 years. Thank you for compiling this and sharing your review. Great work.
Like everything else, you shouldn't blindly search on github - or any other download site.
Only download from links referred from the official site if there's any, or the game's forum, or any other trustable and human reviewed source.
https://forums.beamdog.com/discussion/87952/icewind-dale-2-e...
There is no official Enhanced Edition for IWD2 and there will never be because the source code is lost.
This is a fan made mod that patches the original binaries in memory to add stuff like wide screen support etc. And it triggers your anti virus because of that.
It's perfectly fine as long as you download it from the official sources.
I don't know why anyone running one of these schemes to distribute malware would even enable the issues tab on github, let alone not delete every issue posted containing keywords like malware, trojan, virus, etc. with a script.
Are hidden until approved issues not supported on github? Is this caused by some limitation of creating these repos programmatically?
They don’t care about people who know enough to check the issues. They’re fishing for the people who blindly download and run things, not who look under the hood.
Is that saying it creates a sqlite database? I kind of doubt it. I think more likely is it uses sqlite to read from existing sqlite databases that exist on disk, to steal data from them.
Better to have an attitude that Github is malware and a healthy skepticism of any repo?
Some honeypot scheme or social engineering against them.
Ideas?
Microsoft is alright in my book. Let GitHub be free.
Maybe could stop people from being able to git pull them without a confirmation, but deleting does not make sense
I guess the problem is that only helps those who already know they need to watch out for this sort of thing, not the users most likely to be pwned.
Response times can vary from hours to what feels like months, and they rarely handle reports based on patterns of abuse.
3 years unfortunately
This one has been up for two years: https://github.com/Aker490/Steal-Cookie-Roblox
It would be good to hear an official response from GitHub on where the boundaries are, since it seems like there's plenty of examples of clearly malicious repos hosted for years.