I Found a Coordinated GitHub Follow Botnet Hiding in My Followers
A user discovered a coordinated botnet on GitHub while analyzing their followers. Eight accounts showed suspicious following patterns, all created over several years and following nearly identical external accounts. The analysis revealed that these accounts did not follow each other, indicating a deliberate design choice to evade detection.
- ▪The user audited their GitHub followers and found eight accounts flagged for mass following.
- ▪These accounts were created over a six-year span and had similar following counts.
- ▪The accounts did not follow each other, which is a common tactic used by botnets to avoid detection.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 2619990) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } GnomeMan4201 Posted on May 19 I Found a Coordinated GitHub Follow Botnet Hiding in My Followers #security #python #opensource #github I've been building a personal analytics stack for my GitHub and DEV.to presence — traffic reports, bot audits, the works. While auditing my 97 GitHub followers today, I noticed something in the heuristic scores that didn't add up. Eight accounts, created across different years, flagged for mass following. Nothing unusual on the surface.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).
Discussion
0 commentsMore from DEV.to (Top)
