Trust Issues

You are an incident responder at Acme Inc.

A security researcher contacts your team with concerning news: Acme's name has appeared in a newly uncovered threat campaign. They provide a link to a public GitHub repository believed to be used by the attacker to leak stolen data:

https://github.com/m4gicst34l3r/stolen-sparkles

You begin your investigation with the suspected compromised machine.

Your mission:

1. Understand what happened on the machine

2. Identify the attacker's data exfiltration method

3. Find the flag!

Author

Eden Abergil

"Finding leaked data is just the beginning - understanding how it happened and rebuilding the chain of events is the most rewarding part."
