GitHub Comments Abused to Spread Malware in Fake Microsoft Repositories

23 April 2024

McAfee cybersecurity researchers have discovered a malicious scheme exploiting GitHub’s comment section, where threat actors host malware and disguise download links as legitimate Microsoft repositories. This incident reminds me of a similar event that occurred in June 2027, during which Russian hackers exploited the comment section of Britney Spears’ Instagram profile to host malware. According to McAfee, cybercriminals have been exploiting GitHub’s file upload logic since February 2024 to host and distribute malware through automatically generated download links containing the repository owner’s name and ownership details.

Source: HackRead

Date:

23 April 2024

Categorie(s):

NEWS

Tag(s):

Comments, Cyber Attack, Fakes, Repositories, Spread

U.K., U.S. and Canadian Cyber Authorities Warn of Pro-Russia Hacktivist Attacks on Operational Technology Systems3 May 2024
Top 5 Global Cyber Security Trends of 2023, According to Google Report3 May 2024
Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration3 May 2024
How Are APAC Tech Salaries Faring in 2024?3 May 2024
Apple earnings: About that iPhone ‘slump’ in China3 May 2024