Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/briankrebs/statuses/114384606654622420">BrianKrebs (briankrebs@infosec.exchange)'s status on Wednesday, 23-Apr-2025 15:54:11 JST</a><a href="https://infosec.exchange/@briankrebs" title="briankrebs@infosec.exchange"><img src="https://gnusocial.jp/avatar/21764-48-20231108132353.webp" width="48" height="48" alt="BrianKrebs" style="position: absolute; left: 0; top: 0;">BrianKrebs</a><div><a href="https://infosec.exchange/@briankrebs/114381945240726591" rel="in-reply-to">in reply to</a></div></section><article><p>Okay this is really interesting. The NLRB whistleblower Daniel Berulis told me that he found the DOGE accounts had downloaded three different code libraries from GitHub that none of their IT people or contractors used or knew about. One of them, Berulis said, had in its "README" file a description that said the software was designed as "a proxy to generate pseudo-infinite IPs for web scraping and brute forcing."</p><p>One of the core DOGE employees is Marko Elez, and Elez's GitHub page has a very interesting code repository: async-ip-rotator, created in January 2025</p><p><a href="https://github.com/markoelez/async-ip-rotator" rel="nofollow">https://github.com/markoelez/async-ip-rotator</a></p><p>Checking the history of this code, Elez's profile says it was forked from this</p><p><a href="https://github.com/Ge0rg3/requests-ip-rotator" rel="nofollow">https://github.com/Ge0rg3/requests-ip-rotator</a>, which says in its description: </p><p>"A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing."</p><p>"This library will allow the user to bypass IP-based rate-limits for sites and services."</p><p>Gee, I wonder which DOGE employee was in the NLRB in early March?</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4934145#notice-9675472">In conversation</a><time datetime="2025-04-23T15:54:11+09:00" title="Wednesday, 23-Apr-2025 15:54:11 JST">about a month ago</time> <span>from <span><a href="https://infosec.exchange/@briankrebs/114384606654622420" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@briankrebs/114384606654622420">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
BrianKrebs (briankrebs@infosec.exchange)'s status on Wednesday, 23-Apr-2025 15:54:11 JST BrianKrebs
in reply to
Okay this is really interesting. The NLRB whistleblower Daniel Berulis told me that he found the DOGE accounts had downloaded three different code libraries from GitHub that none of their IT people or contractors used or knew about. One of them, Berulis said, had in its "README" file a description that said the software was designed as "a proxy to generate pseudo-infinite IPs for web scraping and brute forcing."
One of the core DOGE employees is Marko Elez, and Elez's GitHub page has a very interesting code repository: async-ip-rotator, created in January 2025
https://github.com/markoelez/async-ip-rotator
Checking the history of this code, Elez's profile says it was forked from this
https://github.com/Ge0rg3/requests-ip-rotator, which says in its description:
"A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing."
"This library will allow the user to bypass IP-based rate-limits for sites and services."
Gee, I wonder which DOGE employee was in the NLRB in early March?
In conversationabout a month ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice