Malware being distributed by secretive phishing network on GitHub

Published:

spot_img

Researchers Unveil Sophisticated Malicious Operation on GitHub: Stargazers Ghost Network Targeting Gamers, Social Media Enthusiasts, and Crypto Holders

Researchers from Check Point have uncovered a sophisticated malicious operation on GitHub, unlike anything seen before. The phishing ring, known as Stargazers Ghost Network, is targeting gamers, social media enthusiasts, and crypto holders through malicious repositories.

GitHub, owned by Microsoft, is a vital platform for software developers with over 100 million users and 420 million repositories. Phishers are taking advantage of this by creating fake accounts and repositories to distribute malware and malicious links.

The network operator behind this operation, identified as “Stargazer Goblin,” was discovered through dark web ads in June 2023. The network’s sophistication lies in its ability to make malicious repositories appear legitimate by using actions like starring, forking, and subscribing.

Fake accounts are used to own repositories with malicious links, boost them with other fake accounts, and release malicious repositories. The network targets specific victims based on their interests, including social media, gaming, and cryptocurrency.

Researchers warn that the threat actor behind this operation can have a significant impact by spreading ransomware infections, stealing credentials, or compromising crypto wallets. The network has already earned around $8,000 in less than a month and could have made over $100,000 since August 2022.

The network operates a Distribution as a Service (DaaS) model, distributing various types of malware. Researchers believe that GitHub Ghost accounts are just the beginning and that similar accounts may be operating on other platforms like Twitter, YouTube, and Instagram. Users across all platforms should be cautious of any links containing executables to avoid falling victim to malware attacks.

spot_img

Related articles

Recent articles

Sharjah Chamber Strengthens Economic Ties with Uganda and Jordan Through Strategic Discussions

Sharjah Chamber Strengthens Economic Ties with Uganda and Jordan Through Strategic Discussions The Sharjah Chamber of Commerce and Industry (SCCI) has taken significant steps to...

Kanpur Woman Loses ₹4 Lakh in Matrimonial Gift Parcel Cyber Fraud

Kanpur Woman Loses ₹4 Lakh in Matrimonial Gift Parcel Cyber Fraud In a troubling incident from Kanpur, a woman has reportedly fallen victim to a...

Valu Launches Egypt’s First Instant Cashback Loyalty Program, Transforming Everyday Spending Rewards

Valu Launches Egypt’s First Instant Cashback Loyalty Program, Transforming Everyday Spending Rewards Cairo: Valu, a prominent financial technology firm in the Middle East and North...

Laser Attack Resets Tangem Wallet Passwords, Exposing Unpatchable Security Flaw

Laser Attack Resets Tangem Wallet Passwords, Exposing Unpatchable Security Flaw Researchers from Ledger's Donjon security team have uncovered a significant vulnerability in Tangem crypto wallet...