TZUTC: -0500   
   MSGID: 209.consprcy@1:2320/105 2c25bad2   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Hundreds of GitHub repositories hijacked to trick users into downloading   
   malware   
      
   Date:   
   Wed, 26 Feb 2025 14:24:00 +0000   
      
   Description:   
   Criminals have been deploying different malware via hundreds of GitHub   
   projects.   
      
   FULL STORY   
   ======================================================================   
    - Kaspersky research finds "hundreds" of malicious GitHub commits   
    - Commits pretend to be useful software but trick victims into downloading   
   malware   
    - At least one person lost 5 BTC because of the campaign   
      
   Cybersecurity researchers Kaspersky have iscovered a longstanding, widespread   
   criminal campaign targeting software developers with information-stealing   
   malware .    
      
   Kaspersky said it observed hundreds of fake GitHub repositories, some posing   
   as tools and automation mechanisms, others as hacks and cracks, that were   
   actually delivering different sorts of malware to their victims. They dubbed   
   the campaign GitVenom. Apparently, someone has been very thorough, carefully   
   setting up commits, writing accompanying documentation and readme files, all   
   in order to avoid being flagged as malware.    
      
   However, beneath the fake documents lies malicious code built in Python,   
   JavaScript, C, C++. and C#. Kaspersky saw Node.js stealer, AsyncRAT, Qasar   
   backdoor, and a clipboard hijacker. The malware has been circulating across   
   GitHub for at least two years, Kaspersky stressed, with targets and victims   
   located all over the world, but some countries are targeted more than others:   
   with Russia, Brazil, and Turkey hit especially hard.   
      
   Losing bitcoin    
      
   There is no telling how many victims fell for the ruse, but Kaspersky singled   
   out one case in which someone lost 5 BTC to the scam, equivalent to just    
   under half a million dollars.    
      
   GitHub is one of the most popular code repositories in the world, used every   
   day by millions of software developers. It is an important platform that    
   helps speed up and simplify software development, while at the same time   
   improves security by allowing countless security experts to scrutinize the   
   code.    
      
   However, the popularity also draws in the wrong crowd. GitHub is constantly   
   being bombarded with malware, as hackers employ typosquatting, impersonation,   
   and outright fraud, to try and trick people into downloading malware instead   
   of legitimate code.    
      
   GitHubs maintainers work hard to keep the platform clean, and were forced on   
   multiple occasions to suspend new account creation and new commits   
   submissions, due to an onslaught of malware.    
      
    Via BleepingComputer   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/hundreds-of-github-repositories-hijacke   
   d-to-trick-users-into-downloading-malware   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30   
   SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426