Reported Misuse of GitHub-Hosted Files for Phishing Activities

[icodeforlove]

I've disabled a service you were using as it was flagged in a recent abuse report.

While I’m not familiar with the specific GitHub repository, it appears it may have been misused for phishing based on the information provided by the reporter.

You'll need to update your implementation accordingly.

I recommend either hosting the files yourself or finding a reliable alternative. For reference, the affected usage can be found here:
https://github.com/search?q=repo%3Astatnett%2FTalk2PowerSystem%20rawgit2.com&type=code

[VladimirAlexiev]

Can you explain HOW is that any fishing for the Interac braind??

rawgit2.com is not a fishing site, but a site that serves Github files with appropriate content type.
I've been using it for at least 8 years, to serve various files related to ontologies/JSONLD, and my home page and publications
https://rawgit2.com/VladimirAlexiev/my/master/index.html
Now some details:

• http://rawgit2.com/statnett/Talk2PowerSystem/main/demo1/cimex was never meant to be resolvable, it's a semantic URI of an ontology
• the Turtle file has now moved. It is served from https://github.com/statnett/Talk2PowerSystem/raw/refs/heads/main/load/resources/cimex.ttl, but not with appropriate content type:

curl -LI https://github.com/statnett/Talk2PowerSystem/raw/refs/heads/main/load/resources/cimex.ttl
...
Content-Type: text/plain; charset=utf-8

• It is not served from http://rawgit2.com/statnett/Talk2PowerSystem/main/load/resources/cimex.ttl

The whole domain is now disabled:

Could not resolve host: rawgit2.com

So now these semantic resources, and my home page and publications are inaccessible.
I don't know how many people use rawgit2.com, but I'd guess tens of thousands.
Please re-enable it!

PS: also emailed abusereply@cloudflare.com

[icodeforlove]

I believe there’s been a bit of confusion.

I’m the operator of rawgit2.com, which I’ve recently shut down following an abuse report related to this repository. The report came from PhishLabs: https://www.phishlabs.com/.

I’m not sure how this repo was being misused for phishing, but to be safe, I’ve taken the service offline. If you were relying on rawgit2.com, I strongly recommend setting up your own proxy using a simple Cloudflare Worker. It can cache and forward requests, giving you full control and security.

In hindsight, rawgit2.com shouldn’t have been used for critical projects, since any proxy service like this could theoretically be used to manipulate payloads.

For a more secure setup, please create your own Worker and restrict access to only the repositories you trust.

[VladimirAlexiev]

@icodeforlove thanks for keeping rawgit2 running for all these years!
I don't see what fishing attack there has been, and I don't see what this repo could possibly have to do with Interac.

Previously I used https://rawgit.com/, and I see it was shut down for a similar reason

Unfortunately, RawGit has also become an attractive distribution mechanism for malware.
Since I have almost no time to devote to fighting malware and abuse on RawGit (and since it would be no fun even if I did have the time), I feel the responsible thing to do is to shut it down.

I'll switch to some other way. It's a pity that the address of my home page and publications will change...
Cheers!