The attackers are leveraging SourceForge to distribute fraudulent Microsoft add-ins that install malware on victims’ PCs to mine and siphon crypto.
SourceForge.net is a legitimate software hosting and distribution platform that also offers version control, issue tracking, and dedicated forums/wikis, making it a popular choice among open-source project communities.
Although its open project submission methodology allows for lots of abuse, malware is rarely disseminated through it.
The novel campaign discovered by Kaspersky has affected approximately 4,604 systems, the majority of which are in Russia. While the malicious project is no longer available on SourceForge, Kaspersky claims it was indexed by search engines, resulting in traffic from visitors searching for “office add-ins” or something similar.
Fraudulent office add-ins
The “officepackage” project poses as a set of development tools for Office Add-ins, and it
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: