GitHub Hosting Malware Won't Remove After Report

 (github.com)

13 points | by vedmed 136 days ago

4 comments

  • vedmed 136 days ago
    Hello,

    Not sure where to turn. You guys are pretty leet. Sorry in advance if this doesn't belong.

    I'm being sent emails from cisco@appserviceinfo.com telling me to update my VPN client and linking to https://github.com/UpdaterCisco/Cisco_Anyconnect_SSLVPN/raw/...

    It doesn't show up as anything on virustotal but this is certainly some sort of malware 0day (except its been around for a week).

    I reported the https://github.com/UpdaterCisco to github as hosting malware and its still up some days later.

    Can someone with a voice that is heard get this taken care of? Or tell what I can do?

    [-]
    • OJFord 135 days ago
      Have you told actual Cisco? They have an interest in mitigating it and may have more luck or contacts, or just more people to throw at it.

      (A lot of companies have a phishing@ address or similar for this kind of thing.)

    • hypeatei 135 days ago
      Linking directly to the file download probably isn't the best idea. Small chance someone accidentally opens it.
  • JTyQZSnP3cQGa8B 135 days ago
    Don't worry, their magical "SaaS-enhancing World-revolutionizing AGI-powered Agent^TM" will soon take care of it automatically. Satya said it was powered by their new quantum computer.
  • vedmed 135 days ago
    Well they took it off a few hours after I made this post so thanks to mystery dude who pushed it through
  • beretguy 135 days ago
    Make a DMCA claim on it.
    [-]
    • tyzoid 135 days ago
      If you're not the copyright owner, that's a terrible idea. DMCA notifications are submitted under penalty of perjury:

      17 USC 512c3(vi) A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

      [-]