TommyBui89
commented
2 days ago thank you for letting me know. can you tell me which file specifically has the malware. thanks.
Open mrlukyman opened 2 days ago
TommyBui89
commented
2 days ago thank you for letting me know. can you tell me which file specifically has the malware. thanks.
mrlukyman
commented
2 days ago there's an eval function in TNTChart/server/routes/api/profile.js line 44 that executes obfuscated javascript function. It then sets up an agent that's sending whatever you have in your clipboard to the attackers and also downloads and runs a python script that is sending data from your computer to the attackers. You can reach me on linkedin I can provide more details I don't wanna spam it here
TommyBui89
commented
2 days ago Oh ưill I be fine. Cause I only forked it and did not run it
Sorry to reach out to you like this I couldn't find your socials.
I have noticed you have forked and worked on a project TNTChart. I don’t know if you have noticed but this project contains a malware which is stealing you data and monitoring your clipboard. I advise you to immediately disconnect your computer from internet and do a fresh install because the malware might be wide spread. I’ve been also infected by this that’s why I’m trying to reach out to other people. If you have any questions or need help let me know.