{"id":152082,"date":"2025-02-26T20:00:56","date_gmt":"2025-02-26T18:00:56","guid":{"rendered":"https:\/\/cryptodnes.bg\/en\/?p=152082"},"modified":"2025-02-26T18:22:30","modified_gmt":"2025-02-26T16:22:30","slug":"cybercriminals-exploit-github-to-distribute-crypto-malware","status":"publish","type":"post","link":"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/","title":{"rendered":"Cybercriminals Exploit GitHub to Distribute Crypto Malware"},"content":{"rendered":"<p>A recent <strong><a href=\"https:\/\/securelist.com\/gitvenom-campaign\/115694\/\">report<\/a> <\/strong>from Kaspersky highlights a rising trend of fake projects that trick unsuspecting developers into downloading malicious software under the guise of legitimate tools.<\/p>\n<p>These fake repositories, part of a campaign called \u201cGitVenom,\u201d feature software that masquerades as useful programs, such as Bitcoin wallet managers or Instagram automation tools. However, beneath the surface, the software is equipped with hidden threats like remote access trojans (RATs) and clipboard hijackers, which can collect user data and even replace crypto wallet addresses with those controlled by the attackers.<\/p>\n<p>Kaspersky\u2019s investigation reveals that these hackers have been active for over two years, creating convincing-looking projects with AI-generated documentation and regular \u201cupdates\u201d to maintain the illusion of legitimacy. Despite the appearance of activity, the projects typically do very little, performing only meaningless tasks that disguise their true intentions.<\/p>\n<style>\n    .dark-mode .read-more {background-color: #343a40 !important;}\n<\/style>\n<div class=\"read-more pb-3 pt-3 pt-md-2 px-3 my-4 border bg-light\">\n    <h5 class=\"text-uppercase border-bottom mb-3 pb-1 d-none d-md-block\">READ MORE:<\/h5>\n    <a class=\"article row\" href=\"https:\/\/cryptodnes.bg\/en\/bitcoin-correction-nearing-its-end-analyst-predicts-next-move\/\" title=\"Bitcoin Correction Nearing Its End? Analyst Predicts Next Move\">\n        <div class=\"contentRight col-4\">\n            <span class=\"imgContainer mt-0\">\n                <img decoding=\"async\" class=\"image img-defer\" src=\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2024\/03\/timi-bitcoin-1-1-240x170.webp\">\n            <\/span>\n        <\/div>\n        <div class=\"contentLeft col-8\">\n            <h4 class=\"title mb-0\">Bitcoin Correction Nearing Its End? Analyst Predicts Next Move<\/h4>           \n            \n        <\/div>        \n    <\/a>\n<\/div>\n<p>The malware from these fake repositories has proven to be highly effective. In one instance, it led to a theft of 5 Bitcoin, worth about $442,000. Regions like Russia, Brazil, and Turkey have been particularly targeted by the attackers, but their reach is global.<\/p>\n<p>Given the popularity of code-sharing platforms like GitHub, Kaspersky warns that these types of scams will continue, urging developers to be cautious about third-party code and verify what actions it performs before running it.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to steal sensitive information like cryptocurrency details and personal credentials. A<\/p>\n","protected":false},"author":7,"featured_media":38610,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[26],"tags":[],"class_list":["post-152082","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocrime"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cybercriminals Exploit GitHub to Distribute Crypto Malware<\/title>\n<meta name=\"description\" content=\"Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to...\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybercriminals Exploit GitHub to Distribute Crypto Malware\" \/>\n<meta property=\"og:description\" content=\"Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/\" \/>\n<meta property=\"og:site_name\" content=\"Cryptodnes\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-26T18:00:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/defi-hackers-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kosta Gushterov\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kosta Gushterov\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/\",\"url\":\"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/\",\"name\":\"Cybercriminals Exploit GitHub to Distribute Crypto Malware\",\"isPartOf\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/defi-hackers-1.jpg\",\"datePublished\":\"2025-02-26T18:00:56+00:00\",\"author\":{\"@id\":\"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/f5770e36288515bca160ee4878e48d1a\"},\"description\":\"Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to...\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/#primaryimage\",\"url\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/defi-hackers-1.jpg\",\"contentUrl\":\"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/defi-hackers-1.jpg\",\"width\":960,\"height\":720,\"caption\":\"hack\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#website\",\"url\":\"https:\/\/cryptodnes.bg\/en\/\",\"name\":\"Cryptodnes\",\"description\":\"Crypto News, Bitcoin Analysis and More\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/cryptodnes.bg\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/f5770e36288515bca160ee4878e48d1a\",\"name\":\"Kosta Gushterov\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ffb619c90ceb226fc15531f787b1bc58?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ffb619c90ceb226fc15531f787b1bc58?s=96&d=mm&r=g\",\"caption\":\"Kosta Gushterov\"},\"url\":\"https:\/\/cryptodnes.bg\/en\/author\/kosta-gushterov\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybercriminals Exploit GitHub to Distribute Crypto Malware","description":"Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to...","og_locale":"en_US","og_type":"article","og_title":"Cybercriminals Exploit GitHub to Distribute Crypto Malware","og_description":"Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to...","og_url":"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/","og_site_name":"Cryptodnes","article_published_time":"2025-02-26T18:00:56+00:00","og_image":[{"width":960,"height":720,"url":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/defi-hackers-1.jpg","type":"image\/jpeg"}],"author":"Kosta Gushterov","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kosta Gushterov","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/","url":"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/","name":"Cybercriminals Exploit GitHub to Distribute Crypto Malware","isPartOf":{"@id":"https:\/\/cryptodnes.bg\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/#primaryimage"},"image":{"@id":"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/defi-hackers-1.jpg","datePublished":"2025-02-26T18:00:56+00:00","author":{"@id":"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/f5770e36288515bca160ee4878e48d1a"},"description":"Cybercriminals are increasingly targeting GitHub users by creating deceptive repositories to spread malware, particularly designed to...","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cryptodnes.bg\/en\/cybercriminals-exploit-github-to-distribute-crypto-malware\/#primaryimage","url":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/defi-hackers-1.jpg","contentUrl":"https:\/\/cryptodnes.bg\/en\/wp-content\/uploads\/sites\/2\/2022\/07\/defi-hackers-1.jpg","width":960,"height":720,"caption":"hack"},{"@type":"WebSite","@id":"https:\/\/cryptodnes.bg\/en\/#website","url":"https:\/\/cryptodnes.bg\/en\/","name":"Cryptodnes","description":"Crypto News, Bitcoin Analysis and More","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cryptodnes.bg\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/f5770e36288515bca160ee4878e48d1a","name":"Kosta Gushterov","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cryptodnes.bg\/en\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ffb619c90ceb226fc15531f787b1bc58?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ffb619c90ceb226fc15531f787b1bc58?s=96&d=mm&r=g","caption":"Kosta Gushterov"},"url":"https:\/\/cryptodnes.bg\/en\/author\/kosta-gushterov\/"}]}},"_links":{"self":[{"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/posts\/152082","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/comments?post=152082"}],"version-history":[{"count":1,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/posts\/152082\/revisions"}],"predecessor-version":[{"id":152083,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/posts\/152082\/revisions\/152083"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/media\/38610"}],"wp:attachment":[{"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/media?parent=152082"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/categories?post=152082"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptodnes.bg\/en\/wp-json\/wp\/v2\/tags?post=152082"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}