Phishing Campaign Impersonates Y Combinator Using Github Issue Notifications

Posted3 months agoActive3 months ago

thenickdude

8 points

5 comments

github.comTechstory

calmnegative

Debate

20/100

PhishingGithubY CombinatorSecurity

Key topics

Phishing

Github

Y Combinator

Security

A phishing campaign is impersonating Y Combinator by sending GitHub issue notifications with malicious links, prompting the community to be cautious with unexpected notifications.

Snapshot generated from the HN discussion

Discussion Activity

Light discussion

First comment

N/A

Peak period

0-1h

Avg / period

Key moments

01Story posted
Sep 23, 2025 at 7:55 PM EDT
3 months ago
Step 01
02First comment
Sep 23, 2025 at 7:55 PM EDT
0s after posting
Step 02
03Peak activity
5 comments in 0-1h
Hottest window of the conversation
Step 03
04Latest activity
Sep 23, 2025 at 8:35 PM EDT
3 months ago
Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (5 comments)

Showing 5 comments

thenickdudeAuthor

3 months ago

At the bottom of each issue is a huge amount of whitespace, then they've stuffed it with a bunch of @'s to notify users.

https://i.imgur.com/LRotRlS.png

The link goes to a typo-squatted domain using an "l" instead of an "i".

slwvx

3 months ago

Such phishing attacks using Github seem common these days.

nico

3 months ago

Yup, just got it in my email. At first I was intrigued, then I read the part where they say the application requires a refundable deposit for verification

> Next step: To confirm your preliminary registration and secure eligibility, please verify your wallet through Y Combinator. This step ensures fairness, safeguards against Sybil attacks, and does not require personal information. The process takes less than a minute: simply connect your wallet and sign a verification message.

> Important: A refundable deposit is required for authorization. The full amount will be returned once verification is complete

southwindcg

3 months ago

Discussed (and dealt with) here: https://news.ycombinator.com/item?id=45352610

(Multiple domains are being used.)

andy99

3 months ago

Also got this about an hour ago. I had previously applied to YC so thought it was about that, then saw

  Important:
  A refundable deposit is required for authorization.

and realized it was a scam.

View full discussion on Hacker News

ID: 45354413Type: storyLast synced: 11/17/2025, 1:10:51 PM

Want the full context?

Jump to the original sources

Read the primary article or dive into the live Hacker News thread when you're ready.

Open link View on HN