Technology

GitHub users targeted by dangerous new phishing threat

November 14, 2024

Researchers discover Golssue – a new tool for extracting GitHub user emails
It is being sold for $700 on the dark web
Such a high-precision tool could lead to dangerous supply chain attacks

GitHub users are allegedly being targeted in a brand new phishing campaign, according to SlashNext.

The company recently published an article titled “GoIssue – The Tool Behind Recent GitHub Phishing Attacks”, detailing the tool, which, from the headline, appears to have already been put to use.

However, the article’s body mostly discusses the potential risks and the ways it could be used to facilitate targeted phishing campaigns and other cyber attacks. It outlines the features of GoIssue and how attackers “could” use it to target GitHub users, suggesting hypothetical scenarios rather than confirming any specific incidents where the tool has been deployed.

Discount for early adopters

In any case, Golssue is definitely a sophisticated hacking tool, and GitHub users should be on their guard.

SlashNext claims Golssue can extract email addresses from public GitHub profiles, and send bulk emails directly to people’s inboxes. That way, crooks could craft highly targeted, convincing phishing emails, which could result in GitHub users losing access to their profiles, or having projects compromised with malware in supply-chain attacks.

“Whether you’re aiming to reach a specific audience or expand your outreach, GoIssue offers the precision and power you need,” Golssue’s developer, a threat actor called ‘cyberdluffy’ said in an ad posted on the dark web.

To purchase a custom build of the tool, you will need to pay $700. Access to the source code can also be acquired, but for $3,000. TheHackerNews found on October 11, the developer slashed the prices to $150 and $1,000 respectively – for the first five customers. So, we might assume that no groups used it just yet.

GitHub is a web-based platform that provides version control and collaboration features for software development projects. It is extremely popular, and as such, often targeted by various criminal groups.

Via SlashNext

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

LEAVE A REPLY Cancel reply

EDITOR PICKS

POPULAR POSTS

QUICK LINKS

ABOUT US

FOLLOW US

Cookie bar