Please check your repos for suspicious "Upload Files" PRs ... And report them to GitHub

This triggers cryptomining jobs in GitHub Actions that will appear under your repo

Show thread

Maybe this will stop our Cryptomining Spammer ... "Limit to existing users" 🤔

Show thread

@lupyuen I looked through their user profile and in the last two days they have forked 94 repos and made PRs all with the same goal of destroying this planet for profit 🤬
So I promptly reported this greedy bastard's ass...

@lupyuen Also unsurprisingly, GitHub already has a report category for this type of spam 🙄

@totoroot This is the third user I've reported to GitHub. Somehow GitHub can't figure out it's the same person sigh.

@lupyuen there’s no btc address there.
Just xmrig command, donate level and xmrig proxy.
Maybe it’s a movement? Who knows

@lupyuen What's the point of making these? Actions on PRs execute with the resources of the owner, no? What's the advantage of making the PR on someone else's repo?

@2ck To evade detection maybe? Many repos are idle and can trigger jobs with this hack

@lupyuen jajaja. Just switch your repo to private for a day Mr. Lupyuen :blobcatfunny:
i feel bad but it’s still funny :blobcatfunny:

@deesapoetra Haha I got plenty of time to report these abusers to GitHub ... Let this be a Honeypot for Futile Cryptominers! 👍

@lupyuen
Someone from middle east possibly similar wrote me. Write back if interested in making yuge bucks over net.

I replied write back if mo was a most famous paedo in whole humanity.

Still no answer from him. Getting desperate.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.