Docker Community Forums

Share and learn in the Docker community.

Spam Post on Docker Hub

I don’t know how or where to report this, but I was googling for a manual for my ceiling fan and came across this:

https://hub.docker.com/r/ognomato/harbor-breeze-model-lgf-manuals

It’s clearly spam and possibly malicious.

This user has created 255 repos all with the same BS:

https://hub.docker.com/u/ognomato

1 Like

@joehillen - Thank you! Taken care of.

Jerry

New spam Docker Hub

This seems to be a real problem on Docker Hub. I’ve come across results like this from Google searches in the past. The problem is much more apparent if you use the Hub search though. Sorting the results of a search for “download” by recently updated reveals multiple suspicious repos owned by different accounts. “crack” and “manual” are a couple other terms that yield lots of spammy results. Most of the suspicious repo descriptions contain malicious links. The accounts each tend to have somewhere under 200 similar repos, and most of the ones I looked at were created in mid-April of this year. Here’s a random sampling of account names I found utilizing this method. This is by no means a complete list:

  • derecerpres
  • nittesthoba
  • derwsnadinti
  • guskingtimpsuc
  • cusymmuaatroc
  • sadgeberstrap
  • elsuslechal

Hopefully the Docker team will take steps to combat the posting of malicious links to their platform, or at least provide some kind of reporting mechanism for suspicious repos.

1 Like