Cybercriminals have launched a sophisticated campaign targeting GitHub users. They use fake repositories to distribute malware that steals personal data and cryptocurrency. Kaspersky, a security company, has identified more than 200 repositories that deceive unsuspecting developers and traders by posing as legitimate open source projects.
Deceptive repositories flooding GitHub
The operators of this campaign designed their repositories to look credible, often presenting them as tools to automate Instagram interactions or manage Bitcoin wallets. These fake projects aim to convince users of their authenticity with professional descriptions, regular updates and carefully produced documentation.
Victims who fall into the trap install malicious software from these fraudulent repositories. The infected files contain remote access trojans (RATs), clipboard hijackers and data-stealing software, allowing attackers to retrieve browser histories, cryptocurrency wallet details and login credentials.
GitHub malware alert ⚠️
Our Global Research and Analysis Team (GReAT) discovered GitVenom – a multi-stage #malware campaign exploiting open source code. Infected repositories targeted #gamers and #crypto investors, hijacking wallets and siphoning $485,000 in #Bitcoin.
Get… pic.twitter.com/yhzjbshcbv
– Kaspersky (@Kaspersky) February 26, 2025
Malware sends stolen data via Telegram
Once installed, the malware sends the captured data to the attackers via Telegram. The attackers use this secure messaging application to obtain sensitive information while remaining undetected. In some cases, the malware modifies the contents of the clipboard, so that cryptocurrency transactions are redirected to wallets controlled by the attackers.
The scale of the operation is a cause for concern. According to Kaspersky, one user lost 5 bitcoins, valued at around $442,000, as a result of the attack. Kaspersky has tracked many incidents across different countries; Russia, Brazil and Turkey are the most seriously affected.
GitVenom
In a February 24 report, Kaspersky analyst Georgy Kucherin said the attackers had created hundreds of repositories on GitHub containing fake projects that carry remote access trojans (RATs), information stealers and clipboard hijackers as part of the malicious operation, which the company has named “GitVenom”.
Kucherin added that the malware creators went to great lengths to make the projects appear legitimate, including well-designed instructions that may have been generated with artificial intelligence tools.
Extreme caution a must
Kaspersky urged users to “be very careful when downloading code from GitHub”. To reduce the chance of falling victim to these attacks, strong security measures are essential. These may include scanning downloaded files for viruses, avoiding repositories with low activity or recent creation dates, and reviewing the history of the repository owners.
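The checks listed above can be run against repository metadata before any code is cloned or executed. The following is an added example, not code from Kaspersky or the original article: the field names follow the GitHub REST API repository and user objects, while the function name, the thresholds and the sample records are assumptions constructed for illustration.

```python
from datetime import datetime, timezone

# Thresholds are assumptions for illustration, not values from Kaspersky.
MIN_REPO_AGE_DAYS = 180
MIN_OWNER_AGE_DAYS = 365
MIN_OWNER_REPOS = 3
MAX_IDLE_DAYS = 365

def _days_since(timestamp, now):
    # GitHub REST API timestamps look like 2025-01-30T09:15:00Z.
    then = datetime.strptime(timestamp, "%Y-%m-%dT%H:%M:%SZ")
    return (now - then.replace(tzinfo=timezone.utc)).days

def review_flags(repo, owner, now):
    """Return the reasons a repository needs manual review before its code is run."""
    flags = []
    repo_age = _days_since(repo["created_at"], now)
    if repo_age < MIN_REPO_AGE_DAYS:
        flags.append(f"repository created {repo_age} days ago")
    if _days_since(repo["pushed_at"], now) > MAX_IDLE_DAYS:
        flags.append("no pushes in over a year")
    if repo["stargazers_count"] == 0 and repo["forks_count"] == 0:
        flags.append("no stars or forks")
    owner_age = _days_since(owner["created_at"], now)
    if owner_age < MIN_OWNER_AGE_DAYS:
        flags.append(f"owner account created {owner_age} days ago")
    if owner["public_repos"] < MIN_OWNER_REPOS:
        flags.append(f"owner has only {owner['public_repos']} public repositories")
    return flags

# Constructed sample metadata (not real accounts), shaped like GitHub API responses.
NOW = datetime(2025, 2, 26, 12, 0, tzinfo=timezone.utc)
SUSPECT_REPO = {"created_at": "2025-01-30T09:15:00Z", "pushed_at": "2025-02-25T18:00:00Z",
                "stargazers_count": 0, "forks_count": 0}
SUSPECT_OWNER = {"created_at": "2025-01-28T08:00:00Z", "public_repos": 1}
ESTABLISHED_REPO = {"created_at": "2019-05-01T10:00:00Z", "pushed_at": "2025-02-20T07:30:00Z",
                    "stargazers_count": 1500, "forks_count": 200}
ESTABLISHED_OWNER = {"created_at": "2015-03-10T12:00:00Z", "public_repos": 40}

if __name__ == "__main__":
    for reason in review_flags(SUSPECT_REPO, SUSPECT_OWNER, NOW):
        print("REVIEW:", reason)
```

An empty result is not proof of safety: the fake projects described here carry regular updates and polished documentation, so these flags only prioritise manual review and do not replace scanning downloaded files.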
As new cyber threats emerge, users must stay alert to protect their valuables. Modern social engineering and phishing techniques are sophisticated enough to fool even the most experienced programmers. To reduce the risk of future threats, it is best to stay aware and maintain rigorous security practices.