Menu
What's new
By:
Filters Better Search

Malware on Github ??

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

kernol

kernol

Very Senior Member
Since the beginning of March 2021, access [at least from where I live] has been periodically blocked to Github ...
https://otx.alienvault.com/indicator/ip/140.82.121.4

Strange ... or fairly common problem for others?

EDIT: I have whitelisted in Skynet ... malware will be within user repositories ... just curious as to whether this is a fairly common issue for Github?
 
Last edited:
My GitHub access has been acting up this week.

Did not consider this, but might be a factor...
 
Where are Linux packages coming from? Should linux users be worried or those that belong to os are checked more carefully ? They are probably on separate servers but are not they built from things that are maintained on github?
 
github is a place where people can upload practically everything they want. That does not mean all downloads from there have malware. But you already know that so I don't know what the actual question is.
 
jeden said:
github is a place where people can upload practically everything they want. That does not mean all downloads from there have malware. But you already know that so I don't know what the actual question is.
Click to expand...
Im hearing a lot about some encrypted files that are invisible but are activated once they are in use. Curious if there is a possibility that there are some hidden encrypted files/code that is sleeping waiting to be awaken in some linux distros for example. Is this possible or this code is tested left and right and it wont get to official repositories for example of some linux distro?
 
I would have thought first prize would be to compromise routers around the world by injecting malicious code into firmware and/or add-on router apps ... but, not being a coder, I have no idea how difficult or even practical that would be?

Wonder if there's a link between any increased malware activity which there may be on GitHub and the acquisition of GitHub by Microsoft a few years ago?
 
kernol said:
I would have thought first prize would be to compromise routers around the world by injecting malicious code into firmware and/or add-on router apps ... but, not being a coder, I have no idea how difficult or even practical that would be?

Wonder if there's a link between any increased malware activity which there may be on GitHub and the acquisition of GitHub by Microsoft a few years ago?
Click to expand...

As stated in the article above they are going after developers so people like @RMerlin should take extra caution. Insane how you never know if in theory 100% trusted site is trusted. I know its probably rare because i never encounter anything like that but i think asus servers were compromised before i bought my asus router so it might happen again.
 
Solarwinds has shown all of us that any supply chain can be compromised, being wary is good, a zero trust approach would be better, which to say the least is a challenge with asus closed source components.
 
podkaracz said:
As stated in the article above they are going after developers so people like @RMerlin should take extra caution. Insane how you never know if in theory 100% trusted site is trusted. I know its probably rare because i never encounter anything like that but i think asus servers were compromised before i bought my asus router so it might happen again.
Click to expand...
I have absolutely no doubt that @RMerlin knows the risks and every confidence that he knows better than most how to avoid the problems.
No worries on that front ... it's the less well informed and less skilled folk with the best intentions ... that are at most risk.
 
Without going into details, due to my workflow, it's almost impossible for someone to modify the content of my github repo without me noticing.
 
You must log in or register to reply here.

Similar threads

Viktor Jaep
VPNMON VPNMON-R2 v2.0 -Jul 10, 2022- Monitor your VPN connection's Health (Thread locked/closed)
23 24 25
Replies
499
Views
57K
Viktor Jaep
Viktor Jaep
A
X92u Wireless Backhaul and Passive in WiFi Log
Replies
0
Views
947
Alloy202
A
ThePooBurner
Is there a script for configuring VLANs?
2
Replies
22
Views
10K
QuietWon
Q
ForkWNY
ASUS Letsencrypt - workaround if yours is broken
Replies
0
Views
12K
ForkWNY
ForkWNY
S
I’m terrified and am so hoping someone can help me
2
Replies
30
Views
6K
Sky
Sky
Similar threads
Thread starter Title Forum Replies Date
RMerlin Github repo stats Asuswrt-Merlin 5

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 550 (members: 14, guests: 536)
Top