- Kaspersky research finds “hundreds” of malicious commits on GitHub
- The commits are made to look like useful software, but they trick victims into downloading malware
- At least one person lost 5 BTC due to the campaign
Kaspersky cybersecurity researchers have uncovered a long-standing and widespread criminal campaign targeting software developers with information-stealing malware.
Kaspersky said it observed hundreds of fake GitHub repositories, some posing as automation tools and mechanisms, others as hacks and cracks, which were actually delivering different types of malware to their victims. The researchers dubbed the campaign ‘GitVenom’. Apparently, someone has been very thorough, carefully crafting commits and writing accompanying documentation and README files, all to avoid being flagged as malware.
However, beneath the fake documentation is malicious code written in Python, JavaScript, C, C++ and C#. Kaspersky saw a Node.js stealer, AsyncRAT, the Quasar backdoor and a clipboard hijacker. The malware has been circulating through GitHub for at least two years, Kaspersky stressed, with targets and victims located worldwide, though some countries are attacked more than others, with Russia, Brazil and Turkey hit especially hard.
Losing bitcoin
It is not known how many victims fell for the trick, but Kaspersky pointed to one case in which someone lost 5 BTC to the scam, equivalent to just under half a million dollars.
GitHub is one of the most popular code repositories in the world, used every day by millions of software developers. It is an important platform that helps accelerate and simplify software development, while at the same time improving security by allowing countless security experts to analyze the code.
However, popularity also attracts the wrong crowd. GitHub is constantly bombarded with malware, as hackers use typosquatting, impersonation and outright fraud to try to trick people into downloading malware instead of legitimate code.
GitHub's maintainers are working hard to keep the platform clean, and were forced on multiple occasions to suspend the creation of new accounts and new submissions, due to an avalanche of malware.
Via BleepingComputer