HackerTrans
トップ新着トレンドコメント過去質問紹介求人

kumavis

no profile record

コメント

kumavis
·9 か月前·議論
specifically here https://github.com/IRS-Public/direct-file/tree/main/direct-f...
kumavis
·9 か月前·議論
Keybase <3
kumavis
·10 か月前·議論
> all the malware did was modify the destination addresses of cryptocurrency payments mediated via online wallets like MetaMask

A clarification: Despite MetaMask depending on the compromised packages it was not directly affected because: 1) packages were not updated while the compromise was live 2) MetaMask uses LavaMoat for install-time and run-time protections against compromised packages

However the payload did attempt to compromise other pages that interact with wallets like MetaMask.

Disclaimer: I worked on LavaMoat

LavaMoat: https://github.com/lavamoat/lavamoat