HackerTrans
トップ新着トレンドコメント過去質問紹介求人

sneakerblack

no profile record

投稿

A Primer on Datacenters

generativevalue.com
2 ポイント·投稿者 sneakerblack·3 か月前·0 コメント

Architecture Patterns: Caching (2022)

kislayverma.com
3 ポイント·投稿者 sneakerblack·7 か月前·0 コメント

State of Devs 2025

2025.stateofdevs.com
2 ポイント·投稿者 sneakerblack·10 か月前·0 コメント

AI Datacenters Eat the World (By High Yield) [video]

youtube.com
1 ポイント·投稿者 sneakerblack·10 か月前·0 コメント

コメント

sneakerblack
·16 日前·議論
This all stinks of Lazarus:

https://en.wikipedia.org/wiki/Lazarus_Group

I've done incident responses for this exact type of attack multiple times. They've gotten much better organized lately and will often contact developers directly (over LinkedIn or WhatsApp) to run this type of attack. (Although, usually pretending to run a test for a job interview -- which is maybe why the author was confused about the code)
sneakerblack
·10 か月前·議論
I think this was posted because the of the recent Npm malware fiasco. The malware monkey-patched native JS functions to replace strings that matched crypto addresses in certain the fetch, and XMLHttpRequest functions:

https://www.aikido.dev/blog/npm-debug-and-chalk-packages-com...

Considering there's no way to check whether a function is monkey-patched, this just tells me the JavaScript ecosystem was not designed with malicious actors in mind
sneakerblack
·12 か月前·議論
I think the issue with this is that you'll never be able to have the deep integration current FMD implementations have (where you have Bluetooth beacons to track the phone even when it's "off") and also be able to use anything that requires a signed bootloader and OS (such as banking apps)