Sophisticated Russian threat operation GitCaught has exploited GitHub and FileZilla to deploy several malicious payloads, including the Atomic macOS Stealer (AMOS) and the Octo, Lumma, and Vidar information-stealing malware strains, Security Affairs reports. According to a report from Recorded Future's Insikt Group, the attackers used a GitHub profile to create a dozen domains spoofing 1Password, Pixelmator Pro, and other legitimate macOS apps, which served to distribute AMOS, while a FileZilla server was used to distribute Python scripts and encrypted files carrying the Lumma and Vidar stealers.
Source: SC Magazine