如果 GitHub 批量删除恶意软件的仓库,或者 npm 批量撤销被盗用的令牌,成千上万个受感染的系统可能会同时销毁用户数据。这种攻击的分布式特性意味着每台受感染的机器都会独立监控访问情况,并在检测到访问中断时触发用户数据的删除。

https://about.gitlab.com/blog/gitlab-discovers-widespread-npm-supply-chain-attack/
妙啊
about.gitlab.com
GitLab discovers widespread npm supply chain attack
GitLab discovers widespread npm supply chain attack
Malware driving attack includes "dead man's switch" that can harm user data.
 
 
Back to Top