PSA: "changeme" issue fix scams are doing the rounds on GitHub. #137
ZZ-Cat
announced in
Announcements
Replies: 0 comments
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
-
Warning
DO NOT click links in unsolicited comments claiming to fix your "trouble".
The link contains a downloadable encrypted trojan that will steal your account log-in credentials and/or other important private data.
Image source: r/GitHub
For now, this scam has not shown up in any of my own repositories (including CRSF for Arduino). However, I am aware that this scam is doing the rounds on GitHub, and it's only a matter of time before it eventually finds its way here. So, I am proactively alerting you to this before it gets here.
You MUST NOT click suspicious links.
This includes unsolicited links offsite claiming to "fix" your issue.
In GitHub's context, Pull Requests that actually resolve issues (be it bug fixes, vulnerability patches, enhancements, or new hardware support) are typically automatically linked to their parent issue.
NO LEGITIMATE REPOSITORY OR PROJECT OWNER OR MAINTAINER WILL EVER LINK YOU TO A THIRD PARTY TO FIX YOUR ISSUE!!!
Beta Was this translation helpful? Give feedback.
All reactions