Talk:Infostealer/GA1
Latest comment: 1 day ago by Crisco 1492 in topic GA Review
GA Review
editGA toolbox |
---|
Reviewing |
Article (edit | visual edit | history) · Article talk (edit | history) · Watch
Nominator: Sohom Datta (talk · contribs) 14:42, 17 August 2024 (UTC)
Reviewer: Crisco 1492 (talk · contribs) 14:33, 24 November 2024 (UTC)
Image review
edit- No images.
Prose review
edit- Article seems a bit top heavy. Any way to refine the lede a bit more?
- often for amounts as low as $10 - What currency?
- Overall, prose is very tight in the article body.
Comprehensiveness
edit- Article feels very ahistorical. You mention that some of the earliest infostealers were detected and researched in 2009, but there are also statements like "The management interface, usually written in traditional web development languages like PHP, HTML, and JavaScript,[2] is typically hosted on the commercial cloud infrastructure". Given that commercial cloud infrastructure has only been a thing in the past decade or so, obviously there has been a shift in typical infostealer behaviour, but one doesn't get how that happened. Is there perhaps any historical information that could be added?
- A couple things in the sources seem potentially beneficial. The fact that there are desktop interfaces, rather than web-based ones, and the lag between implementation and blacklisting both seem relevant.
- Other than that, article seems comprehensive enough.
Source review
editSources section should be alphabetized.Mind the order of references. For example, you have [11][6] at one point.- Spotcheck:
- 2a: Supported. "All analyzed panels are built with PHP, HTML, and JavaScript, and their core functionality focuses on credential theft. The panels use SQL-based databases to store information about the bots and stolen data."
- 2b: I'm not seeing this on pages 508/509
- 4b: Not fully supported. Our article says "Additionally, they are often bundled with compromised or malicious browser extensions, infected game mods, and pirated or otherwise compromised software." The source says "Malicious actors infect victims with infostealer malware using (most frequently) phishing emails, cracked and pirated software, game cheating packages, browser extensions, and cryptocurrencyrelated software[10, 20]." Although that supports most of the statement, "game cheating packages" is not a synonym of "game mods" (at least as one would access via Nexus and other platforms). A cheating package may also include a trainer or another memory-editing program like Cheat Engine.
- 6b: Supported
- 14a: Supported.
Conclusion
edit- Overall, this seems to be close to meeting the criteria. Good job! — Chris Woodrich (talk) 14:33, 24 November 2024 (UTC)
- Hi Sohom Datta, any news? If there is no movement on these issues, I will have to close this as failed. — Chris Woodrich (talk) 01:04, 5 December 2024 (UTC)
- Gimme until the end of next week, I'm at the end of my semester, so I haven't had much time to look at this. sorry I wasn't communicative about it :( Sohom (talk) 03:06, 5 December 2024 (UTC)
- Alright, sounds good. — Chris Woodrich (talk) 03:25, 5 December 2024 (UTC)
- Hi @Crisco 1492 @Sohom Datta! Did a minor fix for Source Review to help the GAN. Alphabetized the sources and resolved the order of the references - you can strikethrough if it's all good. RFNirmala (talk) 13:00, 8 December 2024 (UTC)
- Thank you, RFNirmala. Stricken. — Chris Woodrich (talk) 13:22, 8 December 2024 (UTC)
- Gimme until the end of next week, I'm at the end of my semester, so I haven't had much time to look at this. sorry I wasn't communicative about it :( Sohom (talk) 03:06, 5 December 2024 (UTC)
- Hi User:Sohom Datta, have you had a chance to revisit this? — Chris Woodrich (talk) 18:45, 23 December 2024 (UTC)