@eyedeekay
&zzz
+R4SAS
+RN
+RN_
+T3s|4
+dr|z3d
+eche|off
+hk
+orignal
+postman
+qend-irc2p
+snex
+weko
Arch
BravoOreo
BubbRubb
Chrono
Danny
FreefallHeavens
HowardPlayzOfAdmin
Irc2PGuest34005
Irc2PGuest51264
Irc2PGuest74165
Irc2PGuest79342
Irc2PGuest93031
Onn4l7h
Over
Rogueone
SigSegv
Sisyphus
Sleepy
T3s|4_
T3s|4__
Teeed
aargh
acetone_
aisle
ardu
b3t4f4c3__
cumlord
death
dr4wd3
duanin2
eyedeekay_bnc
hagen_
kaffi
makoto
nilbog
not_bob_afk
ohThuku1_
poriori_
pory_
profetikla
r00tobo
rapidash
shiver_
thetia
u5657
uop23ip
w8rabbit
wew
wodencafe2
x74a6
orignal
thanks
eyedeekay
Wild. This is very similar to what was going on with our gitlab last year that prompted the big account purge: theregister.com/2024/03/01/github_automated_fork_campaign
dr|z3d
as seen on ramble, eyedeekay :) ramble.i2p/f/Security/5305/github-besieged-by-millions-of-malicious-repositories-in
eyedeekay
That was absolutely exhausting to deal with
dr|z3d
it was a salutary lesson in why a free-for-all git hosting instance isn't such a hot idea :)
eyedeekay
Yeah it certainly wasn't tenable for me
dr|z3d
in my experience, anything that enables user account creation will sooner or later be abused.
dr|z3d
fortunately, we're not normally exposed to the same level of abuse as on Tor, but still.
eyedeekay
Yeah and git hosts have a lot to abuse, CI/runners being some of the worst
dr|z3d
very true. great way to sink a vps, enabling that for one and all :)
eyedeekay
Could also enlist somebody else's server farm in your DDOS attack
dr|z3d
yeah, dangerous tool in the wrong hands, CI.
eyedeekay
editorial 'you' not a directed 'you'
eyedeekay
It's a thing I would think of trying
dr|z3d
DDOS, or crypto mining. both have been done.
dr|z3d
and I didn't think you were referring to me personally :)
eyedeekay
Just wanted to be clear :)