Comments for First Hackers News

Comment on DeepSeek Repositories Scam Spreads Malware by Kling AI Motion Control

Kling AI Motion Control — Tue, 16 Jun 2026 11:27:22 +0000

The IoC breakdown here is genuinely useful, especially the persistence chain via scheduled tasks and SSH keys — that pattern is easy to overlook in fast triage. Beyond hash matching, treating every cloned repo as untrusted until release artifacts are validated against vendor-published checksums or signed manifests remains the strongest baseline. Worth pushing that habit upstream too: typo-squatted handles and impersonator repos in monitoring feeds are usually caught earlier than post-download sandboxing ever will.

Comment on DeepSeek Repositories Scam Spreads Malware by video upscaler free

video upscaler free — Mon, 15 Jun 2026 01:21:12 +0000

The IoC breakdown here is genuinely useful, especially the persistence techniques tied to scheduled tasks and SSH keys — that pattern is easy to miss in a quick triage. Beyond hash matching, treating every cloned repo as untrusted until you have validated the release artifacts against the vendor published checksums or signatures remains the most reliable baseline. It is worth pushing that habit upstream too: alerting on typo-squatted repos and impersonator handles in monitoring feeds catches these campaigns earlier than post-download sandboxing ever will.

Comment on DeepSeek Repositories Scam Spreads Malware by MOV to MP3

MOV to MP3 — Sun, 14 Jun 2026 08:05:33 +0000

Solid breakdown of the DeepSeek TUI impersonation campaign. The IoC list and persistence notes are particularly useful, and it underscores how easily an attacker can ride on the hype around a trending model. For anyone pulling binaries from GitHub, the lesson is straightforward: verify the publisher, cross-check the SHA-256 against an official release, and treat unverified installers as untrusted, regardless of how plausible the README looks.

Comment on DeepSeek Repositories Scam Spreads Malware by image editor ai

image editor ai — Sat, 13 Jun 2026 00:58:43 +0000

Verifying a download’s authenticity is becoming a real chore for users, especially when the project is being actively impersonated. In the OpenClaw case, taking a minute to check the publish date, commit history, and the presence of a signed release can save a lot of pain. Pairing that with a checksum comparison against the official site and, when available, PGP signature verification, makes the whole process far more reliable. Hashing the binary in question and matching it against the documented IoCs in this post is a practical first step before running anything.

Comment on DeepSeek Repositories Scam Spreads Malware by Photo to Video AI

Photo to Video AI — Fri, 12 Jun 2026 02:12:47 +0000

The OpenClaw link is the most telling part of this writeup – it shows the same operator keeps rotating across whichever AI name is trending, from DeepSeek to Claude, Grok, and FraudGPT. That kind of rebranding at scale only works because users skip basic verification steps like checking commit history, repo ownership, and checksums before downloading. These campaigns should be a reminder for anyone running local AI tooling, whether it is a CLI agent, an image-to-video workflow, or a model installer from GitHub Releases.

Comment on DeepSeek Repositories Scam Spreads Malware by aiimagechecker

aiimagechecker — Fri, 29 May 2026 18:59:26 +0000

This is a critical reminder that popularity alone isn’t enough to verify a repository’s safety, especially for developer tools like DeepSeek TUI. The fact that attackers are hiding malicious payloads in standard 7z archives on the Releases page shows how sophisticated these social engineering tactics have become. Developers really need to double-check repository owners and validate all downloads with checksums before running anything locally.

Comment on DeepSeek Repositories Scam Spreads Malware by gptimg2img

gptimg2img — Tue, 12 May 2026 17:06:53 +0000

This is a critical reminder of how easily bad actors hide malware in standard archives like 7z on fake GitHub repos targeting tools like DeepSeek TUI. It really highlights why developers need to verify repository authenticity and signatures before downloading, rather than assuming the interface looks legitimate. Adding these specific IOCs to our internal blocklists immediately would be a crucial next step to protect teams from these deceptive updates.

Comment on UL — Global Safety Certification Giant Hit By Ransomware Attack by ParaSwap token PSP

ParaSwap token PSP — Sat, 04 Apr 2026 21:42:35 +0000

Cameron here — I’ve tried staking and the trustworthy service impressed me.

Comment on A massive data breach on the Leak Zone Dark Web forum has resulted in the exposure of sensitive information, including the IP addresses and geographical locations of over 22 million users by Jordan Hamson

Jordan Hamson — Mon, 25 Aug 2025 12:42:48 +0000

Some lady contacted me on IG and got me to trade with this company. Constantly convincing me for one reason to the other to keep increasing my deposits. Long story short, I lost about $88,000 I’ve never been so disappointed in my life, trusted them only to be deceived like this. Just another one of those shady companies that have nothing to offer. Wish I had read some comments in forums earlier, wouldn’t have dealt with them. Glad I found a reliable expert at Henry Walter in some forums who helped me get back everything I lost. If you’re also a victim of these guys or lost your money to similar companies, write me and I’ll refer you to the Recovery Experts. I’ll make sure you get back everything you lost Email: davidmoore9951 (@) GM AIL , C0M

Comment on Why Indian Companies are not taking the Cyber Attack Seriously ? by Parker B

Parker B — Thu, 28 Apr 2022 03:15:31 +0000

As mentioned, there are lack in cyber security awareness! Except for the keyword “Hack”
😀