Crypto Projects Are Affected by Massive Malware Attack Against GitHub

Crypto Projects Are Affected by Massive Malware Attack Against GitHub

Malware attack strikes GitHub repositories including crypto, Golang, and JavaScript projects. 

Github, an Internet hosting service used for software development, has been invaded by malware, resulting in thousands of cloned repositories

According to the Tweets shared by GitHub Developer Stephen Lacy, over 35,000 repositories have been infected, including crypto, Golang, Python, JavaScript, Bash, Docker, and Kubernetes

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Case Of Sushiswap Founder’s Disappearance With $14,000,000

Case Of Sushiswap Founder’s Disappearance With $14,000,000 Case Of Sushiswap Founder’s Disappearance With $14,000,000

Based on the report shared by Bleeping Computer, the repos were not hacked but rather copied and altered to contain malware. The hackers have created a cloned version of an existing project, which contained malicious codes and links

Lacy noticed these changes when reviewing a random project found on Google. 

Bleeping Computer claims that a malicious URL link “exfiltrated a user’s environment variables but additionally contained a one-line backdoor”. 

When the user downloads and sets up the project, it provides access to all environment variables (ENV), such as the user's script, laptop, or app data. This information is immediately sent to the attacker's server. These variables usually contain sensitive data, such as “API keys, tokens, Amazon AWS credentials, and crypto keys”

GitHub later took to Twitter to confirm the malware attack and inform the users that clones were cleaned up or quarantined

This is not the first time malicious malware is trying to steal sensitive data. At the end of July, Luca Stealer malware was targeting Windows operating systems and stealing crypto wallet information

Overall, it seems that this week is a never-ending crypto hacking cycle. On August 2nd, Nomad had been drained of around $200 million worth of crypto. On the same day, multiple Solana-based crypto wallets have been hacked and robbed for almost $8 million in total. 

Aaron S. - Expert Reviewer

by Aaron S. - Expert Reviewer, BitDegree


Loading...