37 days ago · Tech · 0 comments

There is an ongoing surge of malicious repositories on GitHub, and the sad thing about it is that GitHub seems not to care much. About 10 days ago, I searched for a repo on DuckDuckGo and stumbled upon a fake GitHub repo. It mimics a legitimate repository, but instead of providing the usual releases, it only provides malicious Windows binaries. Linux/macOS binaries are not available, and the information on how to build the project was removed from the README file. The description was also altered using LLMs, removing a lot of technical details. I reported this repository to GitHub, explaining the problem and showing the report from VirusTotal. To this day, the repository is still there, and the binaries are still available for download. The repo has been active for two months. The README gets constantly updated every hour so that it appears higher in GitHub search. Today, I saw another case of this on X,[......]
