Malicious Link Sent Over Discord

[JikiScott]

Select Topic Area

General

Body

I don't use Github so I dont know how to properly submit this, and the docs are completely useless. They keep redirecting me to support.github.com which, whenever I choose 'report abuse', just leads me to this page. This page is useless to me as the site I am reporting does not have an in-product report button (which of course malicious users are going to find a way to remove) and for this situation, the docs link me back to the support page, sending me in a self-referential loop. I shouldn't have to explain why its so dangerous to make reporting an issue so complicated when a small and obvious-to-remove element (the in-product report button) is gone. I really hope GitHub makes reporting abuse without the aid of an in-product report button easier in the future for cybersecurity's sake.

Complaining finished, I recently came across a link that is believed to be maliciously sent from a hijacked Discord account. The link purports to be a game (the classic 'can you play my game and give feedback' scam) but is actually a rar file of unknown purpose. Im not technically advanced enough to figure out what the rar file does, but from what I heard from other users who know about the hijacking, it is indeed malicious. The site is hosted on github here: https://milestone-game.github.io/ . Could someone look into this and possibly take it down if it is distributing malware?

[JikiScott]

Oh right, the file's password is milestonebeta

[kapenike]

Yup! I was searching for this. Today a gaming cafe I frequent fell victim to this ... It needs to go down NOW. It installs a keylogger from what i've heard. Kinda absurd those can still exist tbh ... If anyone has a spare computer and could track the network that would be 10x better. I'm not near my ole dusty and wont be for awhile