Hacker News

Getting the actual number is probably very hard. These are the infected repos the OP found during their research.



For public repos you can get an approximate number by querying various public datasets.

    SELECT uniqHLL12(repo_name) FROM github_events;
Against https://play.clickhouse.com/play?user=play#U0VMRUNUIHVuaXFIT... returns:

    361648383


They probably mean that the actual number of malicious repos is probably very hard to get.

The article reaches the 100K number by searching for repos with patches with a particular string contained in this specific attack, so it's likely missing many malicious repos that use different methods of infection.



