Crypto-Stealing Malware Spread Through Fake GitHub Repositories, Kaspersky Warns

Decrypt
7 hours ago

Hackers are targeting software developers by spreading malware through fake GitHub repositories, according to new research.


A lot of code on the internet is open source, meaning anyone can use it. But Kaspersky's Securelist says there's been an uptick in cybercriminals uploading fake projects in an attempt to deceive victims.


It warns the threat actors involved "went to great lengths to make the repositories appear legitimate to potential targets."


In one case, a bogus project for a Telegram bot that manages Bitcoin wallets included malware that could allow attackers to obtain a developer's browsing history or crypto wallet data.


Other components included a clipboard hijacker that scoured the victim’s computer for wallet addresses—replacing them with ones controlled by the attackers.


As of November 2024, one such wallet had received a lump sum of about 5 BTC, worth about $443,000 at the time of writing.


Sensitive information obtained from victims, which also includes passwords and banking details, is compressed and sent on to the hackers via Telegram.


Kaspersky says vigilance is needed, especially considering code-sharing platforms like GitHub are used by millions of developers around the world.


Such repositories are often used to help save time and complete projects faster by enabling builders to use code that already exists.


"For that reason, it is crucial to handle processing of third-party code very carefully. Before attempting to run such code or integrate it into an existing project, it is paramount to thoroughly check what actions it performs," it added.


It's believed that the impact of the campaign, dubbed GitVenom, has spread globally, with most of the infections concentrated in Russia, Brazil, and Turkey.


Crypto malware targets devs


This isn't the only form of malware known to target software developers.


Just last week, Microsoft Intelligence warned that a new variant of XCSSET was doing the rounds that could steal crypto on Apple macOS devices.


That tends to be disseminated through infected Xcode projects, which consist of the files used to create apps for this operating system.

