126 OSS Project pushed malware in an update, which wipes your disk if you happen to have Russian or Belorussian IP address (media.kotakuinaction2.win) posted 2 years ago by Senketsu 2 years ago by Senketsu +126 / -0 104 comments download share 104 comments share download save hide report block hide replies
While this is egregious, it doesn't wipe your disk. It writes a text file to the desktop.
From the CVE:
I looked through the change log in the module and didn't find it anywhere
It was deleted.
Here's a backup that was also helpfully de-obfuscated. It also contains his API key to the geolocation service.
https://gist.github.com/lithiumjs/76366c345475050f23e428d6539112d4
x4 makes the range [0,4] so (1,4] is 75% of range. Rounding down [1,1.5) to 1 is 1/8th of total range made not >1. 75% - 12.5% = 62.5%
Fuck Joe Brandon