• bort@sopuli.xyz
    link
    fedilink
    arrow-up
    40
    ·
    10 months ago

    I don’t see how “scammers creating scam repos” [2] is newsworthy at all. At least the headline seems like a big nothing-burger to me.

    farther down in the article are 2 interesting informations, namely this diagram [1] and the fact that scammers seem to have moved from pip to github, and then started to use forks to make their scam-clones appear more believable.

    [1] https://apiiro.com/wp-content/uploads/2024/02/Malicious-Package-Timeline.png

    [2] 1000 guys make 1000 clones of 1000 legit libraries, and than create 1000 forks of their clones, to make them seem more legit than the original lib. 999 of each 1000 clones get autofiltered by github

    –> 100010001000*1000/1000 = 1.000.000.000 infected repos(inkluding forks) and 1.000.000 (wihout forks).

    so the number of 100.000 infected repos doesn’t seem to be interesting or unexpected in any way.