No, abuse@atlassian.com does not produce any results and no one replies there.I have 2 repositories with malicious code. In the first one it's hidden on the right, in the second one it comes from an API as text and gets executed with eval().
https://bitbucket.org/bunney-bet-pro/casino/src/4d680db9640bde956bb4d73811e8143ad9cb5a23/server/routes.js#lines-60
https://bitbucket.org/rezoart_workspace/repo_ecommerce/src/3a6b728e110c03c0cea05982558b69cdd33ef4ed/server/controllers/product.js#lines-161Thank you for cleaning this stuff promptly.
Hi @Andrew Katsewich
The abuse mailbox is unable to reply. But reports sent there should still be processed in due time.
That said I raised these repos to my security team and they have confirmed these have been taken-down from our site.
Thanks for reporting them to us.
Andy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Okay, I sent a message on Nov 26 with the first repo, and you saw it was still there today.Thank you!
Still have a question?
Get fast answers from people who know.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.