Kaspersky warns: Hackers use GitHub to forge code and steal Bitcoin

According to CoinDesk, Kaspersky has discovered that hackers are using GitHub for "GitVenom" attacks, which have been active for at least two years and are on the rise. Hackers create GitHub code repositories disguised as legitimate projects, such as Telegram bots or computer gaming tools used to manage Bitcoin wallets, but hiding malicious code within them. Attackers use Python and JavaScript code to implant Trojan viruses, infect victims' devices, steal passwords, encrypt wallet information, and hijack Bitcoin transaction addresses. In November 2024, a developer lost over $400000 in Bitcoin due to the attack. GitVenom mainly affects Russia, Brazil, Türkiye and other countries, and is still spreading globally. Kaspersky recommends developers to carefully review the authenticity of the project before running code, be wary of excessively optimized README files and suspicious code submission history.