Hundreds of GitHub repos found posing as real software to push malware



  • ArcticWolf uncovered 292 malicious GitHub repositories spoofing legitimate tools and products, delivering a new BoryptGrab infostealer variant
  • Malware steals from 19 browsers, 32 crypto wallets, messaging apps, Steam, and Windows Credential Manager, and uniquely bypasses Chrome’s App‑Bound Encryption via code injection
  • Most repos have been removed, but some remain active; GitHub’s popularity makes it a prime target, underscoring the need to vet code before use

Russian actors have reportedly created hundreds of malicious GitHub repositories masquerading as legitimate software but acting as a dangerous infostealer.

Cybersecurity researchers ArcticWolf discovered the campaign after finding their own products spoofed as part of the attack.

https://cdn.mos.cms.futurecdn.net/YQaVTQE6JAfu6bvPgwmd5U-2560-80.jpg



Source link

Latest articles

spot_imgspot_img

Related articles

Leave a reply

Please enter your comment!
Please enter your name here

spot_imgspot_img