arash16/Warn

Last active February 2, 2026 18:39

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/arash16/cf778b8a29be2a3b818bcdae5f7583f5.js"></script>
Save arash16/cf778b8a29be2a3b818bcdae5f7583f5 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

Warn

# ⚠️ You are HACKED ⚠️

Author

arash16 commented Feb 2, 2026

The malware spawns 3 parallel processes:

Collect all sensitive known data, like browser profiles, .ssh keys, windows passwords, chrome specific extensions data (wallets)
Search the whole system for files containing interesting words for attacker (wallet, password, phone, .env, .cfg, .ini, etc)
Start a live websocket connection to server that attacker can ask victim's computer to run custom commands

Consider everything sensitive to be stolen. This is not speculation, I have read the malware's de-obfuscated source code!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment