smallcircles , 4 months ago

Beware infected #Github repositories having #malware in them.

https://apiiro.com/blog/malicious-code-campaign-github-repo-confusion-attack

> In order to maximize the chances of infection the malicious actor is flooding GitHub with malicious repos

Like this:

• Clone existing repos (for example: TwitterFollowBot, WhatsappBOT, discord-boost-tool, Twitch-Follow-Bot)

• Infect them with malware loaders

• Upload them back to GitHub with identical names

• Automatically fork each thousands of times

• Covertly promote them across the web

#security