+373 79 760-762
opencode.md@gmail.com
My account
OpenCode.md LogoOpenCode.md Logo - Shadow
  • About
    • Digital Public Goods
    • Digital/internet commons (EU)
    • Open Source Software
    • Open Source Hardware
    • Open AI models
    • Open Data
    • Open content
    • Open standards
    • Open education
    • Sustainable Development Goals
    • Principles for Digital Development
    • Approved Open Licenses
    • Requirements to open source solutions
    • Approved Git Repositories
    • Categories of Open Source Licenses
    • Benefits of using Open Source
    • Make your project Open Source
    • Open-Source Software monetization
    • Application Programming Interface (API)
    • Digital technologies in Civic Tech and GovTech
    • Civic Tech
  • Solutions Registry
    • General purpose
    • Linux
    • Artificial Intelligence
    • Digital Privacy
    • DevOps
    • Сybersecurity
    • Public sector
    • Smart city
    • Civic Technology
    • Agriculture
    • Healthcare IT
    • Geographic Information Systems
    • Business Finance
    • Personal Finance
    • Open Banking
    • Education
    • Environment
    • Transport
    • IT Travel Solutions
    • Personal Assistant
    • Web Analytics
    • IT Systems Monitoring
  • AI Search
  • Tasks Examples
    • Digital economy – Ministry of Economic Development and Digitalization
    • Digitalization program of the Internal Affairs system 2022-2025
    • UNDP Moldova — Digital Transformation based on Digital Public Goods
    • Digital transformation Chisinau — 2030
    • EU “Smart Cities” Solutions
  • Blog
    • News
    • Events
  • Contacts
  • English
    • Romanian
    • Russian

Thousands of GitHub accounts are being used to spread malware

Posted on 30.07.24
Thousands of GitHub accounts are being used to spread malware

A network of malicious GitHub accounts is being used to distribute information thefts.

Criminals have created thousands of accounts on GitHub to form a malware distribution-as-a-service operation and push infostealers to developer devices, experts have warned.

The project was recently discovered by cybersecurity researchers Check Point, who said all the accounts have distinct roles, making the entire project quite resilient to takedowns.

The researchers call the project Stargazers Ghost Network, apparently built by a threat actor with the alias Stargazer Goblin.

Successful project

This hacker registered 3,000 GitHub accounts and used them to push “hundreds” of malicious repositories. The accounts are split into three groups – one that serves the phishing template, another one that provides the phishing image, and another one that serves the malware. That way, the entire network is more resilient to GitHub takedowns. Furthermore, all the accounts are used to star, fork, and subscribe to malicious repositories, boosting their legitimacy in the eyes of the average Joe.

“The third account, which serves the malware, is more likely to be detected. When this happens, GitHub bans the entire account, repository, and associated releases,” Check Point said in its report. “In response to such actions, Stargazer Goblin updates the first account’s phishing repository with a new link to a new active malicious release. This allows the network to continue operating with minimum losses when a malware-serving account is banned.”

Since GitHub is a major, trusted platform, many people don’t expect to be served malware that way. As a result, the campaign has been very successful so far, the researchers concluded.

“The campaigns performed by the Stargazers Ghost Network and malware distributed via this service are extremely successful,” the report reads. “In a short period of time, thousands of victims installed software from what appears to be a legitimate repository without suspecting any malicious intent. The heavily victim-oriented phishing templates allow threat actors to infect victims with specific profiles and online accounts, making the infections even more valuable.”


Useful links:

  • Digital Public Goods

  • Digital/internet commons (EU)

  • Digital technologies in Civic Tech and GovTech

  • Civic Tech and Civil Society

  • Public sector. Open Source Solutions

  • Civic technology. Open Source Solutions


Source:

  • TechRadar: Thousands of GitHub accounts are being used to spread malware
Previous Post
Italy Highlights Open Source’s Key Role in Public Service Digitalisation
Next Post
The Artificial Intelligence Act came into effect in EU

Recent Posts

  • FOSS Backstage conference, March 10-11, 2025 16.10.2024
  • EU Open Source Policy Summit 2025 25.09.2024
  • LibreOffice & Open Source Conference 2024 13.09.2024
  • GitHub – 2024 Survey: AI in software development 05.09.2024
  • Overview of EU legislation on free and open source software 11.08.2024

Categories

  • Events (13)
  • News (24)

About OpenCode.md

The OpenCode.md project is based on “Open Source” products targeted as “Digital Public Goods”. Such an application can be modified, supplemented to fit your needs without violating the developers’ copyrights, as well as studied for vulnerabilities, used to develop other programs, etc.

Recent Posts

FOSS Backstage conference, March 10-11, 2025
16.10.2024
EU Open Source Policy Summit 2025
25.09.2024
LibreOffice & Open Source Conference 2024
13.09.2024

Contacts

opencode.md@gmail.com
+373 62 104-710
str. Titulescu 1, Chisinau, MD-2002, Republic of Moldova
Facebook
GitHub

© 2023 Diginet Pro E-commerce solutions and Digital Marketing agency

  • About
  • Registry of Software
  • Search
  • Blog
  • Contacts
  • English
  • Română (Romanian)
  • Русский (Russian)