“[T]he app starts to figure out ‘real IP address’ by doing a request to both google and bing with query ‘what+is+my+ip’.”
Afterwards, the app “does a couple of requests to 2 different config files stored in personal google drive account of the app creator.”
Whoever wrote this takes a very… straightforward approach to programming!
Swing VPN app is a DDOS botnet
tldr: Swing VPN is using its user base to DDOS sites, using its users as an attack botnet.
Introduction
It all started with a friend of mine complaining that his phone was doing a request to a specific app every few seconds. The initial assumption was that the phone was infected with a virus, but a 2-minute investigation showed that all requests came from the ‘Swing VPN’ app, which was legitimately installed on the phone as a VPN service.