This new phishing strategy utilizes GitHub comments to distribute malware

  • GitHub repositories are being infected with malware
  • Trusted repositories can bypass secure web gateways
  • GitHub comments are also being used to hide malicious files

In a new phishing campaign detected by Cofense Intelligence, threat actors used a novel approach by leveraging trusted GitHub repositories to deliver malware. The campaign is aimed at exploiting the inherent trust many organizations place in GitHub as a developer platform.

Instead of creating malicious repositories, attackers chose to embed malware into legitimate ones affiliated with tax organizations such as UsTaxes, HMRC, and Inland Revenue.
