Need a little help from my friends

Michael Torrie torriem at gmail.com
Fri Mar 22 17:53:18 MDT 2019


On 03/22/2019 04:38 PM, AJ ONeal (Home) wrote:
> I moved from https://github.com/coolaj86 to https://github.com/solderjs
> My intent was to wait a few weeks to give Google time to follow the 302s
> and then protect myself from such an attack by recreating the account under
> my old name. However, when I went back to do so, the attacker had already
> made their move.

I'm unclear on what actually happened here.  Did someone steal your
credentials?  You say you deliberately closed the account.  I know
github shouldn't be reusing usernames (and all the downstream security
implications), but how does someone grabbing up your abandoned github
username constitute some kind of attack or hijack?

What was hijacked?  I'm unclear on the sequence of events here.  What
are these redirects?

I'm not trying to criticize. Just trying to understand exactly what was
hijacked and what this "attacker" is doing to you.


More information about the PLUG mailing list