This new phishing strategy utilizes GitHub comments to distribute malware


  • GitHub repositories are being infected with malware
  • Trusted repositories can bypass secure web gateways
  • GitHub comments are also being used to hide malicious files

In a new phishing campaign detected by Cofense Intelligence, threat actors took a novel approach: delivering malware through trusted GitHub repositories. The campaign aims to exploit the inherent trust many organizations place in GitHub as a developer platform.

Instead of creating malicious repositories, attackers chose to embed malware into legitimate ones affiliated with tax organizations such as UsTaxes, HMRC, and Inland Revenue.
