Hasty Briefs beta

GitHub-hosted copycat Mac app malware scam proliferates

8 hours ago
  • #Scam
  • #Malware
  • #GitHub
  • Scammers are impersonating well-known Mac apps on GitHub, including StopTheMadness Pro, 1Blocker, and others.
  • The scam involves multiple anonymous GitHub accounts, fake support emails, and fraudulent download links.
  • A JavaScript script in the scam repositories redirects victims to malicious websites via Base64-encoded URLs.
  • The final payload is a Mach-O executable, likely malware, delivered through several layers of indirection.
  • GitHub and Microsoft need to take action to prevent the spread of malware and limit anonymous account creation for scams.
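
For triaging a repository or page that uses the Base64-encoded redirect described above, the following scanner flags quoted string literals that decode to URLs. It is an added example, not code from the scam repositories or from the original article; the sample input, the `example.invalid` URL, and all function names are constructed for illustration.

```javascript
// Quoted string literals made only of Base64 characters (standard or URL-safe), 16+ long.
const B64_LITERAL = /(["'`])([A-Za-z0-9+\/_-]{16,}={0,2})\1/g;
// Decoded text counts as a URL if it is http(s) or scheme-relative with no whitespace.
const URL_PREFIX = /^(https?:)?\/\/[^\s"'<>]+$/i;

// Decode a candidate; return null unless it is canonical Base64 of printable ASCII.
function decodeBase64(text) {
  const normalized = text.replace(/-/g, '+').replace(/_/g, '/').replace(/=+$/, '');
  if (normalized.length % 4 === 1) return null; // impossible Base64 length
  const buf = Buffer.from(normalized, 'base64');
  // Re-encode and compare so arbitrary identifiers that merely look like Base64 are rejected.
  if (buf.toString('base64').replace(/=+$/, '') !== normalized) return null;
  const decoded = buf.toString('utf8');
  return /^[\x20-\x7e]+$/.test(decoded) ? decoded : null;
}

// Scan source text line by line and report every literal that decodes to a URL.
function findEncodedUrls(source, filename = '<input>') {
  const findings = [];
  source.split(/\r?\n/).forEach((line, i) => {
    for (const m of line.matchAll(B64_LITERAL)) {
      const decoded = decodeBase64(m[2]);
      if (decoded && URL_PREFIX.test(decoded)) {
        findings.push({
          file: filename,
          line: i + 1,
          encoded: m[2],
          url: decoded,
          // True when the literal sits on a line that decodes or navigates.
          usedForRedirect: /atob\s*\(|location|window\.open/.test(line),
        });
      }
    }
  });
  return findings;
}

// Constructed sample: one harmless Base64 label, one encoded redirect target.
const SAMPLE = [
  'const label = "QUJDREVGR0hJSktMTU5P";',
  'var u = atob("aHR0cHM6Ly9leGFtcGxlLmludmFsaWQvZG93bmxvYWQ=");',
  'window.location.href = u;',
].join('\n');

console.log(findEncodedUrls(SAMPLE, 'sample.js'));
```

Each finding gives the file, line, encoded literal, and decoded URL, so the destination can be reviewed or blocklisted without loading the page in a browser.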