GitHub Hit with Malicious Repositories which Steal Passwords and Cryptocurrency
An attack is flooding GitHub with millions of code repositories. These repositories contain concealed malware that steals passwords and cryptocurrency from devices.
The malicious repositories are clones of legitimate ones, making them hard to distinguish to the casual eye. An unknown party has automated a process that forks legitimate repositories, meaning the source code is copied so developers can use it in an independent project that builds on the original one. The result is millions of forks with names identical to the original one that add a payload that is wrapped under seven layers of obfuscation.
The attack is estimated to have impacted more than 100,000 GitHub repositories. Read more about this story on our LinkedIn page
The malicious repositories are clones of legitimate ones, making them hard to distinguish to the casual eye. An unknown party has automated a process that forks legitimate repositories, meaning the source code is copied so developers can use it in an independent project that builds on the original one. The result is millions of forks with names identical to the original one that add a payload that is wrapped under seven layers of obfuscation.
The attack is estimated to have impacted more than 100,000 GitHub repositories. Read more about this story on our LinkedIn page