Repositories spread malicious software

[orchidfiles]

🏷️ Discussion Type

Question

💬 Feature/Topic Area

Other

Discussion Details

I may have chosen the wrong category, but I couldn't find a more appropriate one.
I've come across a few strange repositories. The README file in them is constantly being edited. Links to direct downloads of the ZIP archive are being replaced in it.

Example: https://github.com/5StarKanyon/pm2-gui

You can view the latest commit to see the changes made to the README file.
I think the commit history is always overwritten. That's why I can't provide a link to a specific commit, since it will be deleted in the future.

Another example: https://github.com/herybrts/loredata

The README file was also updated an hour ago.
I found this repository by searching for the name of my repository. The author of this copy took my code, uploaded it to a new repository, and replaced the links to npm with links to download a ZIP file.

What can be done about this?

[Sanidhya069]

[orchidfiles]

Thanks, Gemini, for your answer. But if I needed an answer from an AI, I would turn to an AI.

[hitesh066]

Hey @orchidfiles,

What you’re describing is basically a case of repository misuse (code copying + replacing install sources), and unfortunately it does happen on GitHub.

The best thing you can do is report it directly instead of trying to track commit history, since as you noticed, the content keeps changing.

What you can do:

• Report the repository using GitHub’s abuse/report page:
  https://support.github.com/contact/report-abuse

• Include:

  • Original repository (yours)
  • Copied repository links
  • What exactly is being changed (README, download links, etc.)

• Also report specific files if needed using the “Report content” option on the repo page

GitHub usually handles this under “copied content / misleading or malicious content” policies.

If the repo is actively changing links to distribute unsafe downloads, it’s important to report it quickly so it doesn’t spread further.

Tracking commits won’t help much here because the author can keep rewriting history, so reporting is the correct route.

[orchidfiles]

Thanks, Gemini, for your answer. But if I needed an answer from an AI, I would turn to an AI.

[orchidfiles]

Want to know how I figured out it was Gemini?

1. Original repository (yours) — Gemini always likes to add explanations in parentheses that are already clear from the context.
2. Only an AI would write such a bland, useless piece of text.
3. Before posting this topic here, I asked Gemini this question and received exactly the same answer as your comment.

I don't know why you sent my request to AI and gave me a response from AI. Don't you think I could have figured that out on my own?

[orchidfiles]

Is there really no way to get in touch with GitHub support? I emailed them two months ago. Then I emailed them again. No response.

[bybardia]

[orchidfiles]

You have no idea how tired I am of AI-generated responses. Why did you give me that answer? Did you even read what I wrote?

[Cryptologi]

I also got screwed and realize how inefficient all of this is these days. Not only that but its not even ope source the big players are straight stealing right in front of us