Crypto Scam Alert: Hackers Use GitHub To Steal Funds—Kaspersky

Bitcoinist
Updated
Mitrade
coverImg
Source: DepositPhotos

Cybercriminals have initiated a sophisticated attack that targets GitHub users. They are utilizing fake repositories to disseminate malware that steals personal data and cryptocurrency. Kaspersky, a security firm, has identified more than 200 repositories that deceive unsuspecting developers and merchants by posing as legitimate open-source projects.


Deceptive Repositories Inundate GitHub


The perpetrators of this scheme have designed their repositories to look credible, often depicting them as solutions for automating Instagram interactions or managing Bitcoin wallets. These bogus projects aim to convince consumers of their authenticity by employing professional descriptions, regular updates, and meticulously produced documentation.


Victims who fall to the trap install malware from these fraudulent repositories. Infected files contain remote access trojans (RATs), clipboard hijackers, and data-extracting software, allowing attackers to retrieve browser histories, cryptocurrency wallet details, and login credentials.


Malware Sends Stolen Data Via Telegram


When installed, the malware sends away the captured data to hackers through Telegram. Attackers use this secured messaging app to obtain sensitive information while remaining undetectable. In some cases, the malware alters clipboard information, which causes cryptocurrency transactions to be redirected to wallets controlled by the hackers.


The magnitude of the operation is a cause for concern. According to Kaspersky, one user lost 5 Bitcoins, valued at approximately $442,000, as a result of the hack. Kaspersky has monitored numerous incidents from different countries: Russia, Brazil, and Turkey are the most severely affected.


The GitVenom


In a February 24 report, Kaspersky analyst Georgy Kucherin stated that hackers had created hundreds of repositories on GitHub containing fictitious projects that contain remote access trojans (RATs), info-stealers, and clipboard hijackers as part of the malware operation, which the company named “GitVenom.”

Kucherin added the malware creators made a huge effort to make the projects look legitimate by including well-designed instruction files that were possibly generated with the use of artificial intelligence programs.


Extreme Caution A Must


Kaspersky urged users to “be extra cautious about downloading code from GitHub.” If you wish to reduce the possibility of becoming a victim of such attacks, maximum security measure is essential. This may involve scanning downloaded files for viruses, avoiding repositories with low activity or recent creation dates, and reviewing and verifying the history of repository owners.


As new cyber threats arise, users need to be alert in protecting their valuables. Modern social engineering and phishing techniques are sophisticated enough to outwit even the most experienced of programmers. To reduce the chance of potential threats in the future, it is ideal to remain cognizant and maintain rigorous security protocols.

* The content presented above, whether from a third party or not, is considered as general advice only.  This article should not be construed as containing investment advice, investment recommendations, an offer of or solicitation for any transactions in financial instruments.

goTop
quote
Do you find this article useful?
Related Articles
placeholder
Dogecoin price jump above $0.20 triggers $13 million in liquidationsDogecoin (DOGE) price edges higher after stepping above $0.20 and climbing to trade around $0.21 at the time of writing on Friday.
Author  FXStreet
5 hours ago
Dogecoin (DOGE) price edges higher after stepping above $0.20 and climbing to trade around $0.21 at the time of writing on Friday.
placeholder
Massive Buy Pressure Hits Binance as Bitcoin Reclaims $100,000Bitcoin’s price has finally reclaimed the $100,000 milestone after ranging below it for several weeks. This latest surge signals renewed momentum in the broader crypto market.
Author  NewsBTC
6 hours ago
Bitcoin’s price has finally reclaimed the $100,000 milestone after ranging below it for several weeks. This latest surge signals renewed momentum in the broader crypto market.
placeholder
ETF Inflows Surge as Bitcoin Reclaims $100,000—But Caution Creeps Into OptionsSpot Bitcoin ETFs registered another consecutive day of inflows on Thursday, coinciding with the coin’s rally back above the $100,000 mark for the first time since February. 
Author  Beincrypto
6 hours ago
Spot Bitcoin ETFs registered another consecutive day of inflows on Thursday, coinciding with the coin’s rally back above the $100,000 mark for the first time since February. 
placeholder
Ethereum Blasts Past $1,900 as On-Chain Signals Point to Institutional BuyingEthereum has seen renewed upward momentum over the past week, aligning with the broader recovery across the cryptocurrency market. At the time of writing, ETH is trading at $1,989.
Author  NewsBTC
8 hours ago
Ethereum has seen renewed upward momentum over the past week, aligning with the broader recovery across the cryptocurrency market. At the time of writing, ETH is trading at $1,989.
placeholder
Trump’s $6 Billion Trade Deal With The UK Pushes Bitcoin Past $100,000Bitcoin (BTC), the market’s leading cryptocurrency, has surpassed the $100,000 mark for the first time since February, driven by a notable shift in President Donald Trump’s tariff policies.
Author  NewsBTC
9 hours ago
Bitcoin (BTC), the market’s leading cryptocurrency, has surpassed the $100,000 mark for the first time since February, driven by a notable shift in President Donald Trump’s tariff policies.
Real-time Quote