close
close

Semainede4jours

Real-time news, timeless knowledge

    • GitHub projects are being targeted with malicious activity in an attempt to implicate this researcher
    bigrus

    GitHub projects are being targeted with malicious activity in an attempt to implicate this researcher

    Harry Posted on

    Future and its syndication partners may earn commission when you buy through links in our articles.

    Image showing a hand in the scanner.

    Image Credit: Pixabay. | Credit: Pixabay

    • Malicious commits found on Exo Labs’ GitHub account

    • They were sent and directed to a security researcher based in Texas

    • Malware does not exist and researcher claims someone is impersonating him

    Someone is infiltrating GitHub projects, malicious codeand is apparently trying to discredit a researcher by accusing him of hacking.

    Executives at artificial intelligence and machine learning startup Exo Labs have warned that someone is trying to push new changes to the code in the company’s GitHub repository.

    The added code was “innocent-looking” and titled “clarify mlx requirement for deepseek models,” and the attacker converted it to a number equivalent to hide the code from review. However, the submission was analyzed before it was sent to the repository and it was quickly discovered that it was attempting to connect to evildojo(dot)com to download the first stage payload. Researchers determined that the server had no data payload and was only returning a 404 error.

    Hidden Risk

    Investigators digging deeper into the attack discovered that the evildojo domain and GitHub accounts associated with the attack all pointed to a researcher named Mike Bell, a security researcher and white hat hacker from Texas. He denies any involvement in the attack and claims it was all an attempt to tarnish his reputation.

    “It’s not me, it’s an impersonator. Attention, the account has been deleted. I’m so sorry that people got dragged into a fight with me.” BleepingComputer He quoted Bell’s words about the attacks. “There has never been any burden… Why do people continue to assume there is?” he added.

    When asked about the incident on

    Considering that anyone can create a GitHub account by impersonating someone else and that no malicious payload or harm occurs, the idea of ​​a smear campaign seems plausible; especially since Bell is actively involved in the cybersecurity community, albeit from the opposing side.

    through BleepingComputer

    You may also like

    Harry
    View all posts

    You Might Also Like