Cyber security firm Kaspersky says hackers are creating hundreds of fake GitHub projects to trick users into downloading malicious software that encrypts and steals credentials.
Kaspersky analyst Georgy Kucherin said in a report dated February 24 that hackers created hundreds of software feeds on GitHub to host fake projects containing remote access Trojans (RATs), information-stealing programs, and clipboard hijackers.
Some of the forgeries include a Telegram bot that manages bitcoin wallets and a tool that automates interactions with Instagram accounts. Mr. Kuchelin added that malicious software creators "go to great lengths" to make the items appear legitimate, including "elaborate" information and instruction files that "may have been generated with artificial intelligence tools".
The people behind the malicious project also artificially inflated the number of "commits" (that is, changes to the project), while adding multiple references to specific changes, giving the impression that the project was actively improving.
Cyber security firm Kaspersky: Hackers are creating hundreds of fake GitHub projects to trick users into downloading malicious software that encrypts and steals credentials
2025-02-26 02:20:23
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
网络安全公司Kaspersky:黑客们在创建数百个虚假的GitHub项目,以诱骗用户下载加密和窃取凭证的恶意软件Next article:
昨日IBIT净流出1.6199亿美元