🔥 BitDegree partnered with Ogvio - a free international money transfer service! Sign up now & grab Rewards! 🎁
Ogvio Horizontal Banner
Crypto News Exploits
Hackers Use Fake GitHub Repositories to Steal Crypto in “GitVenom” Scam

Hackers Use Fake GitHub Repositories to Steal Crypto in “GitVenom” Scam

Aaron S. Editor-In-Chief
Written by Aaron S.,
Editor-In-Chief

✓ Fact Checked

Last Updated: February 26, 2025

✓ Fact Checked

Key Takeaways

  • ​Hackers are using fake GitHub repositories to spread malware that steals crypto and login credentials;
  • These fraudulent projects appear legitimate with AI-generated instructions and fake activity logs;
  • Kaspersky warns that the GitVenom scam has been active for years and urges caution with third-party code.

Stop overpaying - start transferring money with Ogvio. Sign up, invite friends & grab Rewards now! 🎁

Hackers Use Fake GitHub Repositories to Steal Crypto in “GitVenom” Scam

Kaspersky, a cybersecurity firm, reported that hackers are using fake GitHub repositories to steal cryptocurrency and login credentials.

Kaspersky's investigation also revealed evidence that some of these repositories have been active for at least two years. The scam, known as "GitVenom", appears to have a higher concentration of victims in Russia, Brazil, and Turkey, though it has been observed worldwide.

Kaspersky researcher Georgy Kucherin revealed in a February 24 report that these fraudulent repositories pretend to offer useful tools, such as a Telegram bot for managing Bitcoin BTC $90,192.74 wallets or an Instagram automation tool. However, instead of functioning as described, they install malware that grants attackers access to sensitive information.

What is a Rug Pull in Crypto? (Meaning + Examples)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

What is a Rug Pull in Crypto? (Meaning + Examples)

What is a Rug Pull in Crypto? (Meaning + Examples) What is a Rug Pull in Crypto? (Meaning + Examples)

Hackers included detailed descriptions and instructional files, which Kaspersky suspects may have been generated with artificial intelligence (AI). They also manipulated project activity by continuously updating a timestamp file, which made it look like the repository was actively maintained.

Kaspersky found that the advertised features were non-functional, and the files executed meaningless actions while running hidden malware in the background. Once installed, the malware extracted saved credentials, browsing history, and cryptocurrency wallet details, sending them to attackers through Telegram.

Another malicious component worked as a clipboard hijacker, which monitored copied wallet addresses and replaced them with the hacker’s own. This method allowed attackers to intercept cryptocurrency transactions without the victim noticing.

On February 5, Kaspersky researchers discovered malware hidden in app development tools used to create apps for Google Play and the Apple App Store. What damage could it cause? Read the full story.

Aaron S. Editor-In-Chief
Aaron S. Editor-In-Chief
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
See Our Experts
Loading...

The Most Liked Crypto News Findings

Looking for more latest crypto news on related topic? We have gathered similar news articles for you to spare your time. Take a look!

Flow Foundation Ditches Rollback Plan After Community Pushback

Exploits

Flow Foundation Ditches Rollback Plan After Community Pushback

Scammer Posing as Coinbase Agent Allegedly Steals $2 Million

Exploits

Scammer Posing as Coinbase Agent Allegedly Steals $2 Million

Insider Attack? Trust Wallet Breach Linked to Compromised Build

Exploits

Insider Attack? Trust Wallet Breach Linked to Compromised Build

Latest Crypto News & Videos

On-chain Perpetuals Push Crypto Derivatives Past $1 Trillion in 2025

Cryptocurrencies

On-chain Perpetuals Push Crypto Derivatives Past $1 Trillion in 2025

Lighter’s LIT Airdrop and Token Split Ignite Debate in DeFi

Exchanges

Lighter’s LIT Airdrop and Token Split Ignite Debate in DeFi

Binance Halts Visa and Mastercard Withdrawals for Ukrainians

Exchanges

Binance Halts Visa and Mastercard Withdrawals for Ukrainians

How to Send Money Abroad? Most Affordable Way Revealed (2026) How to Send Money Abroad? Most Affordable Way Revealed (2026)
VIDEO

How to Send Money Abroad? Most Affordable Way Revealed (2026)

What Is a Neobank (And Should You Use It)? What Is a Neobank (And Should You Use It)?
VIDEO

What Is a Neobank (And Should You Use It)?

How to Transfer Money Without Fees? [Animated Tips 2025] How to Transfer Money Without Fees? [Animated Tips 2025]
VIDEO

How to Transfer Money Without Fees? [Animated Tips 2025]

Trending Crypto News

10 bold crypto predictions for 2026

10 bold crypto predictions for 2026

BitDegree Launches Reward-Based Mission Around Real-Asset-Backed Yield

BitDegree Launches Reward-Based Mission Around Real-Asset-Backed Yield

What 2025 taught us (the hard way)

What 2025 taught us (the hard way)

BitDegree Launches New Mission Focused on Sending Money to Nigeria and Beyond

BitDegree Launches New Mission Focused on Sending Money to Nigeria and...

Ogvio Square Banner
Coinbase Square
Ledger Square
Ogvio Square Banner
binance
×
Verified

ZERO FEES

For Ogvio Money Transfers
Rating
5.0
Get deal
×
BitDegree.org

BitDegree.org

Fact-checking Standards

To ensure the highest level of accuracy & most up-to-date information, BitDegree.org is regularly audited & fact-checked by following strict editorial guidelines & review methodology.
Carefully selected industry experts contribute their real-life experience & expertise to BitDegree's content. Our extensive Web3 Expert Network is compiled of professionals from leading companies, research organizations and academia.

All the content on BitDegree.org meets these criteria:

  • Only authoritative sources like academic associations or journals are used for research references while creating the content.
  • The real context behind every covered topic must always be revealed to the reader.
  • If there's a disagreement of interest behind a referenced study, the reader must always be informed.
Feel free to contact us if you believe that content is outdated, incomplete, or questionable.
×
Subscribe

Subscribe

On Youtube

Understand crypto with ease

New explainer videos every week!