cogogo | 2 months ago

I know I shouldn’t but I find it hilarious that whoever wrote this wrote the malware so explicitly. Something about functions like exfiltrateCredentials and clear comments for the backdoor makes me chuckle. They went through all the trouble to detect debuggers and sandboxes and did not even bother to obfuscate the code.

taherm789|2 months ago

It's not? The code is all obfuscated, the author wrote it for us to demonstrate what's happening.

Etheryte|2 months ago

The author specifically calls it out in the post, no?

> They also left helpful comments in their code marking the malicious sections - professional development practices applied to supply chain attacks. Someone probably has a Jira board for this.

cogogo|2 months ago

It also has me musing… do they have good test coverage for their 27 debugging traps? And it must be such a headache to even functionally test your malware. What a time to be alive!