Threat actors use ghost accounts on GitHub to access sensitive information

This is the first time such an operation has been identified on the GitHub platform.

Express News Service

BENGALURU: With the cybercrime landscape constantly evolving, threat actors are also finding new sophisticated ways to infect victims, get access to sensitive information, and cause harm. In its latest blog post, Check Point Research explains how the Stargazers Ghost Network is distributing malware through phishing repositories. This is the first time such an operation has been identified on the GitHub platform.

GitHub is commonly used to host open-source software development projects. It is also the world’s largest source code host with over 100 million developers, more than 420 million repositories, and 14 million visitors per day. It is on this platform that the Stargazers Ghost Network was found to be distributing malware and malicious links through phishing repositories of fake accounts.

What is alarming is that this type of operation, in which fake accounts are instrumented to organically perform phishing attacks to distribute malware, has never been seen before. The sophistication of this network lies in its ability to make malicious repositories appear legitimate through actions like starring (liking), forking (retweeting), and subscribing.

Check Point reveals that those repositories use phishing templates and tags that are highly victim-oriented, targeting users with various interests in social media, gaming, cryptocurrency, and many others. Such operations can have a significant impact because they are so heavily victim-oriented, making infections more severe, with victims facing threats ranging from ransomware infections to stolen credentials and compromised cryptocurrency wallets. Those GitHub repositories currently target mainly Windows users, though similar malware distribution methods can be used to target Linux or Android users, which also have large user bases, marking a greater impact on the community, it added.

Recently, crypto exchange WazirX suffered a security breach in which $234.9 million of funds was moved to a new address. One of its multi-sig wallets experienced the breach. Crypto exchanges have now become a major target for hackers.