Cybercriminals Exploit GitHub to Distribute Crypto Malware
26.02.2025 20:00 2 min. read Kosta Gushterov
Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to steal sensitive information like cryptocurrency details and personal credentials. A
A recent report from Kaspersky highlights a rising trend of fake projects that trick unsuspecting developers into downloading malicious software under the guise of legitimate tools.
These fake repositories, part of a campaign called “GitVenom,” feature software that masquerades as useful programs, such as Bitcoin wallet managers or Instagram automation tools. However, beneath the surface, the software is equipped with hidden threats like remote access trojans (RATs) and clipboard hijackers, which can collect user data and even replace crypto wallet addresses with those controlled by the attackers.
Kaspersky’s investigation reveals that these hackers have been active for over two years, creating convincing-looking projects with AI-generated documentation and regular “updates” to maintain the illusion of legitimacy. Despite the appearance of activity, the projects typically do very little, performing only meaningless tasks that disguise their true intentions.
The malware from these fake repositories has proven to be highly effective. In one instance, it led to a theft of 5 Bitcoin, worth about $442,000. Regions like Russia, Brazil, and Turkey have been particularly targeted by the attackers, but their reach is global.
Given the popularity of code-sharing platforms like GitHub, Kaspersky warns that these types of scams will continue, urging developers to be cautious about third-party code and verify what actions it performs before running it.
-
1
U.S. Court Ends Tornado Cash Legal Dispute, Marking Win for Coin Center
08.07.2025 10:00 2 min. read -
2
SEC Charges Georgia-based First Liberty and Owner in $140 Million Ponzi Scheme
12.07.2025 17:00 2 min. read -
3
Ex-NCA Officer Jailed for Stealing 50 BTC From Dark Web Criminal
17.07.2025 20:00 3 min. read -
4
Crypto Users Targeted as Cointelegraph and CoinMarketCap Fall to Front-End Hacks
23.06.2025 14:00 2 min. read -
5
CoinMarketCap Potentially Compromised in Ongoing Front-End Attack
21.06.2025 10:00 1 min. read
Ex-NCA Officer Jailed for Stealing 50 BTC From Dark Web Criminal
A former National Crime Agency (NCA) officer has been sentenced to five years and six months in prison after stealing 50 BTC—now worth over £4.4 million—from a criminal investigation he was helping to lead.
SEC Charges Georgia-based First Liberty and Owner in $140 Million Ponzi Scheme
The U.S. Securities and Exchange Commission (SEC) has filed emergency enforcement actions against First Liberty Building & Loan, LLC and its founder, Edwin Brant Frost IV, alleging they operated a $140 million Ponzi scheme that spanned more than a decade and defrauded around 300 investors.
U.S. Court Ends Tornado Cash Legal Dispute, Marking Win for Coin Center
A legal clash between Coin Center and the U.S. Treasury Department over sanctions imposed on Tornado Cash has officially come to an end, following a joint decision to dismiss the case.
Hackers Steal $140 Million from Brazilian Central Bank, Launder Funds Through Crypto
A sophisticated cyberattack targeting Brazil’s central bank reserve accounts has resulted in the theft of over $140 million (R$800 million), much of which was swiftly funneled through cryptocurrency channels.
-
1
U.S. Court Ends Tornado Cash Legal Dispute, Marking Win for Coin Center
08.07.2025 10:00 2 min. read -
2
SEC Charges Georgia-based First Liberty and Owner in $140 Million Ponzi Scheme
12.07.2025 17:00 2 min. read -
3
Ex-NCA Officer Jailed for Stealing 50 BTC From Dark Web Criminal
17.07.2025 20:00 3 min. read -
4
Crypto Users Targeted as Cointelegraph and CoinMarketCap Fall to Front-End Hacks
23.06.2025 14:00 2 min. read -
5
CoinMarketCap Potentially Compromised in Ongoing Front-End Attack
21.06.2025 10:00 1 min. read