GitHub is hiding malware disguised as games, legitimate software

Published: Jan, 29 2025 17:03

Threat actors are targeting children with new campaign.

Cybercriminals are using GitHub to target children with infostealing malware, a new McAfee report has claimed, saying it spotted an ongoing malicious campaign on the popular code repository.

In an analysis, the researchers said they observed many repositories pretending to be game hacks, cracks, or free versions of otherwise commercial software. However, instead of providing these programs, the repositories were actually hosting Lumma Stealer, a known infostealer malware.

“McAfee Labs encountered multiple repositories, offering game hacks for top-selling video games such as Apex Legends, Minecraft, Counter Strike 2.0, Roblox, Valorant, Fortnite, Call of Duty, GTA V and or offering cracked versions of popular software and services, such as Spotify Premium, FL Studio, Adobe Express, SketchUp Pro, Xbox Game Pass, and Discord to name a few,” the researchers said.

This “network of repositories”, as McAfee described it, changes the description every week, and creates new repositories, since the old ones get flagged and removed by GitHub. The payload, however, always remains the same. “These repositories also include distribution licenses and software screenshots to enhance their appearance of legitimacy,” McAfee concluded.

The descriptions also contain instructions on how to download and run the malware, and how to disable any antivirus programs on the computer before running it. The attackers said that antivirus solutions flag these programs as false positives, and that the warnings can safely be ignored.
