Comment by Algent
3 months ago
The internal auto updater of the app directly use github as source, was this also compromised ? If malware was only on some random apkmirror upload then it should probably be fine for most users.
3 months ago
The internal auto updater of the app directly use github as source, was this also compromised ? If malware was only on some random apkmirror upload then it should probably be fine for most users.
Apparently, yes. My guess is it was the Shai-hulud npm malware leaking their Github keys.