Malware detected

hi
I downloded this program : https://github.com/githuob/SpyNote-v6.5-Cracket-2020
when i’d run AndroidTester_v6.4.6.exe this program MpCmdRun2.exe will be creted in TEMP and used a TCP connection “193.161.193.99”
so why it used TCP connection
is it a Payload Trojan for hack people ??

1 Like

:wave: Welcome!

Thanks for letting us know! I’ve passed your report on to be investigated.

Moved this thread to Uncategorized, as there isn’t any relation to GitHub Actions.

I thought that you would move to stop the virus, my device and many others devices where hacked because of your platform and did not move yet !!
at first, i throught that you as programmers would check any program that might be uploaded before make it public
i detected also an injection in my /RUN/ in registry for run the trojan
i don’t know how to check the memory process maybe the payload injected in my memory

This is being investigated. I’m afraid these do take some time.

141 commits and all are verified by githuob
really ??
someday u will encounter someone who will file a formal complaint against you and you will lose millions of dollars as compensation, because the site itself gives “Verfied” for the files that it safe and it is originally injected by payload for hacking people,so you aare the one who bears responsibilitty for all the people who get hacked not the uploader , anyway for the speed support :smile:

Sorry, but unfortunately, staff can’t check every repo as there are millions created all the time. Also, verified commits mean they come from a verified source, it doesn’t mean that the files are safe. Sorry about that :confused: