TechFlow news, on February 26, according to Cointelegraph, cybersecurity firm Kaspersky recently released research showing hackers are creating hundreds of fake projects on GitHub to trick users into downloading malware designed to steal cryptocurrency and credentials. Kaspersky has named this malicious campaign "GitVenom".
In a report dated February 24, Kaspersky analyst Georgy Kucherin noted that these fake projects include Telegram bots for managing Bitcoin wallets and tools for automating Instagram account interactions. The attackers meticulously craft project documentation—possibly using AI-generated content—and artificially inflate the number of project "commits" to make the projects appear actively developed.
According to Kaspersky's investigation, these malicious projects can be traced back at least two years. Regardless of their presentation, all contain malicious components such as information-stealing tools that exfiltrate saved credentials, cryptocurrency wallet data, and browsing history via Telegram, as well as clipboard hijackers that replace cryptocurrency wallet addresses. In November 2023, one user lost 5 bitcoins (approximately $442,000) as a result. Kaspersky advises users to carefully examine the behavior of third-party code before downloading.




