Hundreds of GitHub repos found posing as real software to push malware

Hundreds of GitHub repos found posing as real software to push malware | Daily Reports Online

Share


  • ArcticWolf uncovered 292 malicious GitHub repositories spoofing legitimate tools and products, delivering a new BoryptGrab infostealer variant
  • Malware steals from 19 browsers, 32 crypto wallets, messaging apps, Steam, and Windows Credential Manager, and uniquely bypasses Chrome’s App‑Bound Encryption via code injection
  • Most repos have been removed, but some remain active; GitHub’s popularity makes it a prime target, underscoring the need to vet code before use

Russian actors have reportedly created hundreds of malicious GitHub repositories masquerading as legitimate software but acting as a dangerous infostealer.


Cybersecurity researchers ArcticWolf discovered the campaign after finding their own products spoofed as part of the attack.


Similar Posts