Welcome to the Off-Shore Club

The #1 Social Engineering Project in the world since 2004 !

Important Notice:

✅UPGRADE YOUR ACCOUNT TODAY TO ACCESS ALL OFF-SHORE FORUMS✅

[New]Telegram Channel

In case our domain name changes, we advise you to subscribe to our new TG channel to always be aware of all events and updates -
https://t.me/rtmsechannel

OFF-SHORE Staff Announcement: 30% Bonus on ALL Wallet Deposit this week


For example, if you deposit $1000, your RTM Advertising Balance will be $1300 that can be used to purchase eligible products and service on forums or request withdrawal. The limit deposit to get the 30% bonus is $10,000 for a $3000 Marketplace wallet balance Bonus.

Deposit Now and claim 30% more balance ! - BTC/LTC/XMR


Always use a Mixer to keep Maximum anonimity ! - BTC to BTC or BTC to XMR

News GitHub Spam is out of control

News
⚠️Always Remember to keep your identity safe by using a Zero-KYC Zero-AML like https://coinshift.money⚠️

Gold

Maksim

Tactician
Staff member
Administrator
Instructor
USDT(TRC-20)
$450.0
GitHub Spam is out of control

Spam is nothing new, spam on GitHub is also not particularly new. Any site that accepts user-generated content will need to figure out how to prevent people from submitting spam, whether that is for scams, malicious software, or X-rated material. I have been getting tagged in Crypto related for the past 6 months or so. In the past 24 hours I have been tagged in two of them.

Normally, these crypto scams on GitHub post and tag multiple people in it, and then almost immediately get deleted by the poster of the scam. It appears that this is a way to bypass spam filters, or at the very least make it harder to report them. According to this post on GitHub’s community org, the end user gets an email with the full post and spam, but there is no easy way to report it since it is already deleted.

The Issue​

Today, though, was my “lucky” day. I got tagged in two scams, but one of them is still up! So let’s take a look into it.
Screenshot-2024-01-28-at-1.47.02 PM-800x1024.png

As we can see in the screenshot above, there is a copy and paste message from a seemly auto-generated user and a bunch of real users tagged below as “Winners”. The full pull request can be found here: https://github.com/boazcstrike/github-readme-stats/pull/1
Let’s do a little experiment and search for the title of the comment on GitHub and see what we get:
https://github.com/search?q=AltLayer+Airdrop+Season+One+Announcement&type=pullrequests
Screenshot-2024-01-28-at-1.53.46 PM-1024x509.png


That is 274 comments on pull requests and 545 comments on issues. Over 800 spam comments (819 to be exact). To be fair, I saw a couple of false positives in this search, but VERY few since this is a very specific and long term we searched up. Assuming that 95% of them are correct matches, then that is ~780 posts.

The REAL kicker in all of those pull requests and issues I could find, I could only find one’s that was 24 hours or newer. The oldest I could find is only 18 hours ago from the time of writing this article!

Each post has up to 20 users tagged in it. I do not know if this is a GitHub imposed limit or if they might get flagged easier if they tag more than 20 accounts. ~780 posts * 20 = 15,600 accounts tagged.

As I was finishing this article, I found another set of these with the title of “Binance Airdrop Guide: $500k Worth of Airdrop is Ready, here’s how to Claim”.
Screenshot-2024-01-28-at-2.04.55 PM-1024x508.png


Another ~800 mentions of it. The interesting thing with this one is that some of these are over 1 month old! There are even 3 spam posts on 1 pull request, tagging 10 users each! https://github.com/varathsurya/nurse_management_api/pull/1

So that is another ~15k accounts tagged… We are 30k accounts tagged so far, lets look at who is doing the tagging for the most part.
Here are a few accounts I found:
https://github.com/devsquadcore
https://github.com/mohamedata-code
https://github.com/altagencyuk
They seem to have a lot of similarities.
1) No profile picture
2) A couple of years old, but usually no commits and no repos
3) If they do have a repo(s), it’s a 1 commit thing usually of some open-source software (1 account had 4 repos of Laravel, and one had 1 repo of wordpress).

WTF​

Screenshot-2024-01-28-at-2.34.10 PM-1024x359.png

Quick side note: How the actual fuck does GitHub NOT have a report button on a piece of user generated content. Do you know the process of reporting this? Copy Link -> Go to user’s profile page -> Click Block & Report -> Click Report Abuse button -> *New page* Click “I want to report harmful… cryptocurrency abuse” -> Click “I want to report suspicious cryptocurrency or mining content.” button -> FINALLY paste the link you copied 10 years ago into the form box and give your justification on why this user did a bad thing and hope that the link still works/content is still up by the time they get around to looking at it…
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Friendly Disclaimer We do not host or store any files on our website except thread messages, most likely your DMCA content is being hosted on a third-party website and you need to contact them. Representatives of this site ("service") are not responsible for any content created by users and for accounts. The materials presented express only the opinions of their authors.
🚨 Do not get Ripped Off ! ⚖️ Deal with approved sellers or use RTM Escrow on Telegram
Gold
Mitalk.lat official Off Shore Club Chat


Gold

Panel Title #1

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Panel Title #2

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
Top