
GitHub has terminated the account of “Nightmare-Eclipse,” an anonymous rogue security researcher known for dropping critical unpatched Windows vulnerabilities since Microsoft left them “homeless with nothing.” The vigilante has now moved to GitLab, releasing more threats.
GitHub, a code-sharing platform owned by Microsoft, blocked the disgruntled researcher who publicly disclosed several unpatched Windows vulnerabilities. Microsoft previously indirectly accused the researcher of “violating coordinated vulnerability best practices.”
The Nightmare-Eclipse repository on GitHub hosted six exploits released in less than two months.
The public zero-day disclosures began on April 2nd, when the researcher released a critical privilege-escalation exploit that grants SYSTEM privileges to any user. It is known as BlueHammer. The researcher blasted Microsoft over violating their “agreement,” leaving them “homeless with nothing.”
“They knew this would happen, and they still stabbed me in the back anyway. This is their decision, not mine,” the researcher said at the time.
Since then, zero-day releases have become a cat-and-mouse game – the same hacker has released new exploits hours after Microsoft patched the previous ones. They demonstrated bugs in Windows Defender that enabled attackers to gain full control of the system.
Later, Eclipse dropped a tool that completely bypasses BitLocker disk encryption using a USB stick, as well as another privilege-escalation bug dubbed YellowKey.
They even gained complete Windows control through a bug that remained unpatched for 6 years after Google first reported it.
Microsoft acknowledged the vulnerabilities one after another, and it appears to have hit a corporate nerve.
“The proof of concept for this vulnerability has been made public, violating coordinated vulnerability best practices,” Microsoft said in one of the security advisories, addressing the YellowKey exploit.
The tech giant also recognized other researchers, but not Eclipse, for their vulnerability disclosures.
Migrates to GitLab, suggests marking July 14th
Soon after the GitHub repository was banned, Nightmare-Eclipse created a new one on GitLab, another open source code-sharing platform. It now hosts the six exploits previously released by the researcher.
The vigilante once again expressed frustration over being humiliated and insulted, and threatened Microsoft with the release of “the documents.”
“Now you take the courtesy to flag my GitHub account and wipe it out of the public, just like that? You are proving to everyone that you are actively escalating this conflict, but I'm done begging you,” the hacker posted on their blog.
“Mark this date, July 14th, I will make sure your bones are shattered that day. Nothing will be released this June (or maybe I will release something, depending on circumstances).”
In another post, they said that Monday will be the hardest day of their life.
GitHub’s action provoked negative reactions in the community.
“Yeah, let's ban security research to see if the problem goes away,” one X user, @bitdeep_, posted.
Others felt that tech companies treat security researchers unfairly, offering them no safe harbor and hiding issues rather than fixing them.