GitHub Experiences Malware Attack Infecting 35K Repositories
As an affiliate, we may earn from qualifying purchases. We get commissions for purchases made through links on this website.
Receive $10 in Bitcoin when you buy or sell $100 or more on Coinbase! https://mathisenmarketing.com/coinbase
Github, an Internet hosting service used for software development, has been malware infiltrated, resulting in thousands of cloned archives.
Did you know?
Want to be smarter and richer with crypto?
Subscribe – We publish new crypto explainer videos every week!
Based on report The repos shared by Bleeping Computer are not hacked, but rather copied and modified to contain malware. Hackers have created a cloned version of an existing project which contained malicious codes and links.
Lacy noticed these changes while looking at a random project he found on Google.
Bleeping Computer claims that the malicious URL link “filtered the user’s environment variables, but additionally included a one-line backdoor”.
When a user loads and configures a project, it provides access to all environment variables (ENVs) such as the user’s script, laptop, or application data. This information is immediately sent to the attacker’s server. These variables usually contain sensitive information such as “API keys, tokens, Amazon AWS credentials, and crypto keys”.
GitHub later confirmed the malware attack on Twitter and notified users clones were purged or quarantined.
This isn’t the first time malware has tried to steal sensitive data. At the end of July, the Luca Stealer malware was targeting Windows operating systems and stealing crypto wallet data.
All in all, it seems as if this week is a never-ending cycle of crypto hacks. On August 2, Nomad had been drained about $200 million worth of crypto. There have been several Solana-based crypto wallets on the same day hacked and robbed for a total of nearly $8 million.