Cybercriminals Exploit GitHub to Distribute Crypto Malware
26.02.2025 20:00 2 min. read Kosta Gushterov
Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to steal sensitive information like cryptocurrency details and personal credentials. A
A recent report from Kaspersky highlights a rising trend of fake projects that trick unsuspecting developers into downloading malicious software under the guise of legitimate tools.
These fake repositories, part of a campaign called “GitVenom,” feature software that masquerades as useful programs, such as Bitcoin wallet managers or Instagram automation tools. However, beneath the surface, the software is equipped with hidden threats like remote access trojans (RATs) and clipboard hijackers, which can collect user data and even replace crypto wallet addresses with those controlled by the attackers.
Kaspersky’s investigation reveals that these hackers have been active for over two years, creating convincing-looking projects with AI-generated documentation and regular “updates” to maintain the illusion of legitimacy. Despite the appearance of activity, the projects typically do very little, performing only meaningless tasks that disguise their true intentions.
The malware from these fake repositories has proven to be highly effective. In one instance, it led to a theft of 5 Bitcoin, worth about $442,000. Regions like Russia, Brazil, and Turkey have been particularly targeted by the attackers, but their reach is global.
Given the popularity of code-sharing platforms like GitHub, Kaspersky warns that these types of scams will continue, urging developers to be cautious about third-party code and verify what actions it performs before running it.
-
1
Interpol Fugitive May Be Tied to New Crypto Scheme
16.03.2025 20:00 2 min. read -
2
Ex-Bank Staffer Pleads Guilty to Facilitating Fraud and Drug Money Laundering
15.03.2025 13:00 1 min. read -
3
Thai Authorities Uncover Massive Illegal Crypto Mining Operation, Seizing 63 Rigs
17.03.2025 10:00 2 min. read -
4
Hacker Exploits Smart Contracts Vulnerability, Steals $13 Million in Ethereum
25.03.2025 20:15 1 min. read -
5
Crypto Influencer BitBoy Arrested on Serious Charges in Florida
26.03.2025 13:00 1 min. read
Bybit Hack Leads to Record Crypto Losses in Early 2025
The first quarter of 2025 has been marked by a significant surge in crypto hacks, with losses totaling over $1.63 billion.
Coinbase Users May Have Lost $46 Million to Rising Phishing Scams
In the past two weeks, Coinbase users may have fallen victim to phishing schemes resulting in an estimated $46 million in losses, as malicious actors continue to exploit the growing interest in cryptocurrency.
South Korean Court Sentences Three for $460K Crypto Scam
A South Korean court recently handed down prison sentences to three individuals involved in a cryptocurrency investment scam that defrauded investors of approximately $460,000.
Five Arrested in India for $700K Crypto Fraud Scheme
Indian authorities recently apprehended five individuals, including one woman, involved in a sophisticated crypto scam that defrauded a businessman of nearly $700,000.
-
1
Interpol Fugitive May Be Tied to New Crypto Scheme
16.03.2025 20:00 2 min. read -
2
Ex-Bank Staffer Pleads Guilty to Facilitating Fraud and Drug Money Laundering
15.03.2025 13:00 1 min. read -
3
Thai Authorities Uncover Massive Illegal Crypto Mining Operation, Seizing 63 Rigs
17.03.2025 10:00 2 min. read -
4
Hacker Exploits Smart Contracts Vulnerability, Steals $13 Million in Ethereum
25.03.2025 20:15 1 min. read -
5
Crypto Influencer BitBoy Arrested on Serious Charges in Florida
26.03.2025 13:00 1 min. read
