So I have a piece of software that me and my other dev have been building for the last 4 months.
Earlier today, he was working on fixing a few bugs that kept popping up. Our hopes were to launch this software as a SaaS product by September.
We have an updater module sewed into the starting function that checks as soon as the program opens whether or not changes have been made to the software on the server side of things. If it detects that changes have been made, it will go and update the software automatically to match that of the server version.
Well, earlier he had made some changes, added them to GitHub and updated the server accordingly. I go onto the software itself to conduct a UI test and the software goes ahead and starts updating. However, I instantly start getting notifications from Windows Defender telling me threats have been found. Clicking on it, I see two files of high severity labeled as trojan malware.
I instantly go to Malwarebytes and start running a scan while frantically moving my important files onto Google Drive before deleting them.
Ultimately, I’ve had about 47 detected malware files when a few weeks back I had zero. I ran the scan an additional 3 times until I had 0 suspicious files and the rest have been placed into quarantine.
Typically, my OPSEC is on-point but I really wasn’t expecting my half-owned piece of software to suddenly launch an attack on me. I’m not sure whether my other dev was behind this but we’ve had a good working relationship for several months now, working 60 hour weeks together. I’m not sure why he’d suddenly turn around and purposely try to infect me as the only other user of this software.
Perhaps our AWS server got hacked into with someone embedding a bunch of malware into our code but that seems quite unlikely as well given we’ve kept it under lock quite heavily.
It seems that the attack has already occurred and even if it was stopped in its tracks ahead of time, my computer is likely compromised forever now.
Not sure what to do now. This happened within the last hour and I’ve yet to hear from the other dev.
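
The updater described in the post applies whatever the server currently holds. As an added example (not part of the original post and not the poster's code), this is one way an updater can check a staged download against a build manifest before applying it. The manifest format, function names and sample files are assumptions constructed for illustration, and the manifest itself is assumed to be authenticated separately (for example, signed at build time from the reviewed commit).

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path):
    """Hash a file in chunks so large binaries do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def audit_update(staging_dir, manifest):
    """Compare a staged update with manifest {relative_path: sha256_hex}.

    Assumption: the manifest was produced from the reviewed build and its
    authenticity was already verified before this function is called.
    """
    staging = Path(staging_dir)
    seen = {p.relative_to(staging).as_posix(): sha256_file(p)
            for p in staging.rglob("*") if p.is_file()}
    return {
        # Listed in the manifest, but the content differs from the build.
        "mismatched": sorted(n for n in seen if n in manifest
                             and not hmac.compare_digest(seen[n], manifest[n])),
        # Present in the download, but never part of the build.
        "unexpected": sorted(n for n in seen if n not in manifest),
        # Part of the build, but absent from the download.
        "missing": sorted(n for n in manifest if n not in seen),
    }


def safe_to_apply(report):
    """Apply the update only when every category is empty."""
    return not any(report.values())


def demo():
    """Constructed sample: one altered file, one extra binary, one gap."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "lib").mkdir()
        (root / "app.py").write_bytes(b"print('v2')\n")
        (root / "lib" / "util.py").write_bytes(b"X = 1\n")
        (root / "helper.exe").write_bytes(b"not in the build")
        manifest = {
            "app.py": hashlib.sha256(b"print('v2')\n").hexdigest(),
            "lib/util.py": hashlib.sha256(b"X = 2\n").hexdigest(),
            "README.txt": hashlib.sha256(b"docs\n").hexdigest(),
        }
        return audit_update(root, manifest)


if __name__ == "__main__":
    print(demo())
```

The same report, run over the files an update already wrote to disk, shows which of them were never part of the build.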