Connect with us

Markets

Crypto Threat: Malware Infiltrates Github Cloning Thousands of Repos

The developer platform Github has been inundated with malware which has, in turn, infiltrated tens of thousands of repositories.

The post Crypto Threat: Malware Infiltrates Github Cloning Thousands of Repos appeared first on BeInCrypto.

The developer platform Github has been inundated with malware which has infiltrated tens of thousands of repositories.

As many as 35,000 Github repositories have been cloned with malware according to a security researcher.

The widespread malware attack did not target crypto repositories (repos) specifically, but they have been among those impacted.

Software engineer Stephen Lacy alerted the crypto community to the incursion on Aug. 3.

Cloning Github repos

Tech portal Bleeping Computer reported that the repos were not hacked but had been copied with their clones altered to include the malware. Cloning open source code is a common practice among developers, however, the attackers have injected malicious code and links into legitimate projects to target unsuspecting developers.

Several projects from crypto, Golang, Python, JavaScript, Bash, Docker, and Kubernetes have been affected by the attack, the researcher noted.

While reviewing a project he had found from a Google search, the engineer noticed a malicious URL in the code. Scanning Github repos for this URL returned more than 35,000 results.

Bleeping Computer said that more than 13,000 search results were from a single repository called ‘redhat-operator-ecosystem.’ The malicious URL “exfiltrated a user’s environment variables but additionally contained a one-line backdoor,” the report added.

These environment variables can contain sensitive data such as API keys, tokens, Amazon AWS credentials, and crypto keys. The malware also allows remote attackers to execute arbitrary code on the systems of all those who install and run the clones.

The majority of the cloned repos had appeared within the past month, the report stated.

Github confirmed that the original repositories were not compromised and it had cleaned up or quarantined the clones.

Last month, BeInCrypto reported that a new strain of malware written in Rust was doing the rounds. Luca Stealer targets Windows operating systems and steals sensitive information such as crypto wallet information. The malware was also distributed on Github.

Miserable week in crypto

DeFi researcher Miles Deutscher pointed out that it has not been a great week in crypto. Earlier this week the Nomad bridge was exploited for $190 million and a few hours after, around 8,000 Solana wallets were hacked resulting in the theft of an estimated $8 million.

Markets appear to be unaffected though as total capitalization has gained 1.7% on the day to reach $1.12 trillion at the time of writing.

The post Crypto Threat: Malware Infiltrates Github Cloning Thousands of Repos appeared first on BeInCrypto.

Source: Markets – BeInCrypto

Continue Reading
Advertisement
Click to comment

You must be logged in to post a comment Login

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

We need your support.

Enjoying our free service? Please help us by clicking the ads on our website. They are 100% safe. Thank you!