Malware-Laced GitHub Repos Found Masquerading as Developer Tools
10 months ago
- #cybersecurity
- #GitHub
- #malware
- Klarrio discovered a large-scale malware network on GitHub.
- CTO Bruno De Bus uncovered 2,400 malware-infected repositories and 15,000 fake accounts boosting their ratings.
- Malicious actors clone popular repositories, add malware to the clones, and use fake accounts to give them high ratings.
- Some variants use AI to rewrite files, creating a false impression of community engagement.
- Malware payloads are fetched from specific URL patterns; users are advised to block these.
- Klarrio tightened its open-source intake process with additional security measures.
- The full list of infected repositories and fake accounts was shared with GitHub and [email protected].