Threat actor impersonated hundreds of brands on GitHub to push infostealer malware

A financially motivated threat actor is impersonating hundreds of brands on GitHub and pushing a smash-and-grab infostealer masquerading as legitimate downloads of popular software, Arctic Wolf threat researchers have warned. “The 292 impersonated repositories span security tooling, fintech and personal finance, cryptocurrency wallets and exchanges, developer and productivity tools, secure email providers, macOS utilities, and gaming software, including ‘cheat’ tools,” they said. How the attack works Among these repositories was one impersonating Arctic Wolf, which … More

The post Threat actor impersonated hundreds of brands on GitHub to push infostealer malware appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article: