Cybercriminals Exploit GitHub to Distribute Crypto Malware
26.02.2025 20:00 2 min. read Kostadin Dimitrov
Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to steal sensitive information like cryptocurrency details and personal credentials. A
A recent report from Kaspersky highlights a rising trend of fake projects that trick unsuspecting developers into downloading malicious software under the guise of legitimate tools.
These fake repositories, part of a campaign called “GitVenom,” feature software that masquerades as useful programs, such as Bitcoin wallet managers or Instagram automation tools. However, beneath the surface, the software is equipped with hidden threats like remote access trojans (RATs) and clipboard hijackers, which can collect user data and even replace crypto wallet addresses with those controlled by the attackers.
Kaspersky’s investigation reveals that these hackers have been active for over two years, creating convincing-looking projects with AI-generated documentation and regular “updates” to maintain the illusion of legitimacy. Despite the appearance of activity, the projects typically do very little, performing only meaningless tasks that disguise their true intentions.
The malware from these fake repositories has proven to be highly effective. In one instance, it led to a theft of 5 Bitcoin, worth about $442,000. Regions like Russia, Brazil, and Turkey have been particularly targeted by the attackers, but their reach is global.
Given the popularity of code-sharing platforms like GitHub, Kaspersky warns that these types of scams will continue, urging developers to be cautious about third-party code and verify what actions it performs before running it.
-
1
Hackers Target UK Official’s Account in Crypto Scam Disguised as Government Project
17.04.2025 9:00 2 min. read -
2
Hacker Returns $7.5M in KiloEx Breach After Bounty Deal
19.04.2025 15:00 2 min. read -
3
Former Celsius CEO Alex Mashinsky Set for Sentencing Next Month
24.04.2025 16:00 2 min. read -
4
Mango Markets Hacker Sentenced for Separate Criminal Charges
03.05.2025 11:00 1 min. read -
5
DeFi Protocol Loopscale Hit by Exploit, Pauses Key Functions
27.04.2025 17:30 2 min. read
Mango Markets Hacker Sentenced for Separate Criminal Charges
Avraham Eisenberg, known for orchestrating the 2022 Mango Markets exploit, has been handed a 52-month prison sentence—but not for his crypto-related activities.
DeFi Protocol Loopscale Hit by Exploit, Pauses Key Functions
Loopscale, a decentralized finance platform built on Solana, was forced to pause its lending operations after a major security breach led to losses of around $5.8 million.
Former Celsius CEO Alex Mashinsky Set for Sentencing Next Month
Alex Mashinsky, co-founder and former CEO of the defunct crypto lending platform Celsius, is scheduled to be sentenced on May 8, 2025, following his guilty plea to two federal criminal charges late last year.
Hacker Returns $7.5M in KiloEx Breach After Bounty Deal
A decentralized exchange targeted in a multi-million-dollar exploit has recovered its losses just days after the incident, thanks to an unexpected twist involving the hacker themselves.
-
1
Hackers Target UK Official’s Account in Crypto Scam Disguised as Government Project
17.04.2025 9:00 2 min. read -
2
Hacker Returns $7.5M in KiloEx Breach After Bounty Deal
19.04.2025 15:00 2 min. read -
3
Former Celsius CEO Alex Mashinsky Set for Sentencing Next Month
24.04.2025 16:00 2 min. read -
4
Mango Markets Hacker Sentenced for Separate Criminal Charges
03.05.2025 11:00 1 min. read -
5
DeFi Protocol Loopscale Hit by Exploit, Pauses Key Functions
27.04.2025 17:30 2 min. read
