disagree. more marketshare does not mean juicier targets, which, in this case, would be tor users. in addition, you don't buy an exploit to use it en masse, that would get it burned really quickly
that's the issue! it should not be apple's phone! i paid for the hardware and current version of the software - anything more should be provided to me out of their goodwill, not because it is their device.
NOT the same malware template. article only details how "This first repo I found" works, not all of them. look at how his github searching script works in "Scraping Github" - there is no way to determine what malware is in the repo, only that it is doing keyword stuffing.
the article details how github is spammed by multiple people who read one guide. not every single one of the 1000 repos is THE SAME breed of malware. some overlap, maybe. but some is c#, some is rust, some is python. out of those that are python, some are obfuscated with this love/trust/joy obfuscator, some use pyarmor, some are compiled with nuitka. no, the guide does not instruct you which malware strain to use, only how to game github for traffic.
if it was that simple it would be a solved problem. i encourage you to give it a shot
yes, they identified spammy repos. you'd also need to identify which repos belong to which spammer groups, it's not just one person doing this (as mentioned in the article) -> they don't use the same malware. saying "sent to some discord server" is like saying "playing games on my nintendo". the malware is also obfuscated (as mentioned in the article) which makes identifying the home server harder with static analysis.