> The current owner of that username on github is *not* a spammer. There is
> no content on the profile, repos, etc. that shows spamming like behavior.
> Therefore reporting this user as a spammer is dishonest and likely won't
> have an effect. A moderator will take a look at the account and see no
> spamming and ignore the reports.
>

I should have said "malicious" rather than "spam". I meant "spam" generically as in "bot" / "junk" / "disruptive" / "attacker".

> Additionally, starting a mob campaign to abuse the "Report User" function
> is unethical. You should use proper channels to get support from Github.
>

I've reported it myself and I'm asking those who know me to do the same. That *is* the proper support channel.

> The current profile shows the account was created March 9, 2019. If your
> account was hacked then deleted so the new owner could start over, then you
> have a good clear case for Github support to reclaim your username.
>

I moved from https://github.com/coolaj86 to https://github.com/solderjs

My intent was to wait a few weeks to give Google time to follow the 302s and then protect myself from such an attack by recreating the account under my old name. However, when I went back to do so, the attacker had already made their move.

Had my account been a generic name that many people would like to use, then we could say that perhaps the attacker was not an attacker, just eager and lucky. However, coolaj86 is a brand name that I've used exclusively. The only other coolaj86s on the Internet are spam accounts - typically porn (such as the .org and .net of the same name, which I once owned and let lapse since I only used the .com).

https://donatstudios.com/GithubsTotalSecurityFacepalm
https://www.technadu.com/account-hijacking-github-chaos-kodi-community/60903/

In the case of go-bindata, the person who "hijacked" the account was trying to restore broken functionality. Since the redirects were proper and the repositories were not deleted, we can safely say that the attacker is not trying to restore something broken.

I do see one other possible option: It may have been someone who knew about the vulnerability and, fearing that something might go wrong in the future, decided to take action now. In that case, however, I believe that it would have been ethical and appropriate for them to reach out to me.

At first I also thought that perhaps I did it late one night and forgot about it, but the email address I've been using for the transitional accounts didn't have an email about a new github account in it and there is no public information - and I'm fairly certain I would have put up something like I have on twitter alerting people where the content was moved.

/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/