|
|
|
|
|
|
by IAmGraydon
1298 days ago
|
|
|
The author worked in Belarus for Wargaming.net until just before making this commit. Wargaming recently withdrew their operations from Belarus and Russia for obvious reasons, and the author appears to have lost his job with them as a result. Combined with the way he nonchalantly reversed the commit and I’m thinking the theory on r/netsec may not be so far fetched. |
|
|
Quote:
----------------
Could not find any public use of the package but there's a few interesting things about this repo:
- The author used to work at wargaming.net at the time the repo was created (publisher of world of tanks)
- There are two contributors: the author and one of his ex-colleague from wargaming.net.
- There are a bunch of maintenance commits over the years suggesting actual use and not just a random weekend project.
A bit far-fetched but whoever introduced this backdoor could be attempting a targeted attack against wargaming.net as there's a good chance it's used in there.
Note: it looks like the author of the package removed the malicious commit.