Comment by cogogo

2 days ago

I know I shouldn’t, but I find it hilarious that whoever wrote this wrote the malware so explicitly. Something about functions like exfiltrateCredentials and clear comments for the backdoor makes me chuckle. They went through all the trouble to detect debuggers and sandboxes and did not even bother to obfuscate the code.

It's not? The code is all obfuscated, the author wrote it for us to demonstrate what's happening.

  • The author specifically calls it out in the post, no?

    > They also left helpful comments in their code marking the malicious sections - professional development practices applied to supply chain attacks. Someone probably has a Jira board for this.

It also has me musing… do they have good test coverage for their 27 debugging traps? And it must be such a headache to even functionally test your malware. What a time to be alive!