Ask HN: Active GitHub accounts (probably) delivering malware, now what?
2 points by defnord 12 hours ago | 2 comments

I came across these two accounts that probably are up to no good: 1) silverstewardvice and 2) RadianFinancialHelix. Both joined and created repos the same day (Jun 7, 2026) and began their activity 2 days ago.

They pretend to be projects related to the game Terraria. There is nothing to download in the repos; instead they point to an external site (https://telegra.ph) for download, both using the same URL (site/Setup-06-13-3).

The telegra.ph site in turn points to https://webxpl.fun/ to "Download from Official Website" and to a zip-file if you click "Instant Direct Download" hosted at the same site.

Since they are starred there might be some more accounts to be found promoting the same URL.

I did not download and verify that it actually is malware. I am not the usual HN user and lack both the skills and technology to deal with this. I don't even have a GitHub account, so it would be swell if someone could report them and, as they target kids, maybe also ask a friend to put on a hat of any color and go after those dickheads.

1) https://github.com/silverstewardvice/Terraria-Calamity-Mod-2026

2) https://github.com/RadianFinancialHelix/Terraria-Standalone-LAN-Build-Cracked

matteo8p 11 hours ago | parent [-]

Interesting, how did you find these projects?

defnord 10 hours ago | parent [-]

Random. Every now and then I check up on some legit projects and sort topics/terraria by last updated. Fairly sure I never saw "Terraria-Standalone-LAN-Build-Cracked" before (also remember DC++), and the description "Terraria — full premium build for Windows with pro features unlocked. Gaming Tools Pro Pack" made me think that this was probably a boilerplate used for a bunch of games (there are no features to be unlocked by buying Terraria Pro, it doesn't exist) and maybe part of a bigger campaign.