GitVenom: Malicious Open Source Projects on GitHub Deliver Malware

Researchers uncovered a malicious campaign, dubbed "GitVenom," in which threat actors created hundreds of fake open-source projects on GitHub to deliver malware. These projects, disguised as legitimate tools like Instagram automation scripts, Telegram bots, and game cheats, featured polished README files and frequent commits to appear authentic. Malicious code was hidden within projects written in various languages (Python, JavaScript, C/C++, C#) and ultimately downloaded and executed further malicious components from an attacker-controlled GitHub repository. These components included information stealers, remote access Trojans, and clipboard hijackers. The campaign has been active for years and has affected users globally, which highlights the risks of blindly running third-party code.