Kaspersky’s Global Research & Analysis Team (GReAT) uncovered a new campaign, called GitVenom, that targets gamers and crypto investors through infected open source repositories. The fake projects included tools for Instagram automation, Bitcoin wallet management, and Valorant game cracking. The cybercriminals stole personal and banking data, as well as cryptocurrency wallet addresses. The malicious code infected victims’ devices to enable remote control by the attackers. The malware included a stealer for passwords and financial information, as well as remote administration tools and a clipboard hijacker for cryptocurrency addresses. On GitHub, the attackers used attractive project descriptions to mask the malicious intent. Geographically, most cases were seen in Brazil, Turkiye, and Russia. Notably, the attackers received around 5 Bitcoins ($485,000) in November 2024. Kaspersky advises caution when using third-party code and encourages thorough checks to prevent compromise. The GReAT team, which consists of 35+ experts globally, uncovers cybercriminal trends and malware worldwide.
https://www.kaspersky.com/about/press-releases/kaspersky-exposes-hidden-malware-on-github-stealing-personal-data-and-485000-in-bitcoin