← Back to context

Comment by davidcrowe

1 day ago

Same thing happened to one of my repos in Feb. I wrote up the details with screenshots.

https://reducibl.com/writing/someone-used-my-repo-to-distrib...

6 comments

davidcrowe

Reply

KolmogorovComp 2 hours ago

Thanks for the writing, which would have been even better had it been written by a human.

theorchid 1 hour ago
Why do you think it wasn't written by a human?
- KolmogorovComp 11 minutes ago
  
  Have you read the article?
  > that’s not a developer contributing to open source. that’s someone manufacturing the appearance of activity.
  > the attacker’s own profile? no bio, no avatar, 499 contributions crammed into january–february 2026.
  > this wasn’t random
  > i reported the repo to github. the ticket is open. but this raises a question i keep coming back to

theorchid 8 hours ago

Thank you. I've added a link to your article in my article.

dawnerd 17 hours ago

Did Github ever do anything?

davidcrowe 4 hours ago

Yea, they removed the fork <24 hours after I reported it