GitVenom Campaign: Malicious GitHub Repositories Target Crypto and Credentials

Summary: Kaspersky Labs has identified a significant cybercrime campaign known as GitVenom, which targets GitHub users by distributing malicious repositories designed to steal cryptocurrency and sensitive credentials. The campaign uses fake open-source projects to exploit developers' trust, delivering hidden malware written in a variety of programming languages. The attackers have made these repositories appear legitimate, ultimately leading to considerable financial losses for victims.

Affected: GitHub users and cryptocurrency holders

Key points:

  • The GitVenom campaign features hundreds of fraudulent repositories, masquerading as legitimate projects offering tools ranging from Instagram automation to gaming hacks.
  • Malware is embedded in projects written in various programming languages, including Python and JavaScript, often hidden within disguised files or obfuscated code.
  • The campaign has resulted in the theft of roughly 5 BTC (about 5,000) and primarily affects users in regions such as Russia, Brazil, and Turkey.

Source: https://securityonline.info/gitvenom-campaign-malicious-github-repositories-target-crypto-and-credentials/