Apparently there’s a bunch of projects getting hit with this, fairly obscure ones though. Project gets forked, suddenly get a pile of stars more than the original, and then there’s a curl-bash pipe inserted into it that runs some ransomeware that encrypts ~/Documents.
About a dozen other projects linked in here from another developer (excuse the Reddit link): https://old.reddit.com/r/golang/comments/1jbzuot/someone_copied_our_github_project_made_it_look/
Average arch user
oh oh, I’m a below average arch user. I suspect i copied most of my hoome from debian or something.
I’ll rename it to Dickuments as a security feature.
Hackers gonna wanna Netflix and chill