How I Got Hacked: A Warning about Malicious PoCs (chocapikk.com)
from ByteOnBikes@slrpnk.net to cybersecurity@sh.itjust.works on 18 Apr 13:31
https://slrpnk.net/post/20990573

Late at night, I was testing a proof-of-concept (PoC) exploit for CVE-2020-35489 (github/[.]com/gh202503/poc-cve-2020-35489) that I found on GitHub. The repository looked legitimate, and in my exhaustion, I skipped the usual precautions. I cloned the repository and ran the script without inspecting its contents.

A few hours later, my system started behaving strangely. CPU usage was abnormally high, and after further investigation, I found that hidden malware had infected my machine. Worse, my credentials, SSH keys, and other sensitive data had been stolen and uploaded to an attacker-controlled repository.

#cybersecurity

slippyferret@lemmy.blahaj.zone on 18 Apr 14:06

Darn… I absolutely would have fallen for that trick, thinking I was being proactive in my security practices. I guess there will always be another vector to attack from.

Brkdncr@lemmy.world on 18 Apr 14:47

Why would a security researcher not test vulnerabilities on a test system? This seems incredibly dumb and questions everything about the researcher.