GitHub faces Malware attack, and different projects suffer along with Crypto

Popular developer platform GitHub encountered a malware attack and informed 35,000 “code hits” on a day that also witnessed thousands of Solana-based wallets drained for millions of dollars.

The widespread attack was revealed by GitHub developer Stephen Lucy. Stephen who first reported the incident on Wednesday came across the issue while studying a project he found on a Google search.

Till now, numerous projects from crypto, Python, Golang, JavaScript, Bash, Docker, and Kubernetes have been affected by the attack. The malware attack is targeted at the docker images, install docs, and NPM script, which is a suitable way to bundle common shell commands for a project.

To deceive developers and access critical data, the attacker first makes a fake repository. This repository retains all of the project’s files and each file’s revision history. Afterward, the attacker pushes clones of legit projects to GitHub. For instance, the following two images illustrate this legit crypto miner project and its clone.

crypto-mining-project-github
Original Crypto Mining Project
clone-crypto-mining-project-github
Original Crypto Mining Project

The majority of these clone repositories were pushed as “pull requests,” which allow developers to tell others about modifications they have pushed to a branch in a repository on GitHub.

You may find this useful, US senator summons Apple and Google over fake Crypto Apps on their stores

Once the developer falls target to the malware attack, the entire environment variable (ENV) of the script, application, or laptop (Electron apps) is mailed to the attacker’s server. The ENV comprises security keys, Amazon Web Services access keys, crypto keys, and other critical information.

The developer has notified the issue to the GitHub platform. In addition, he also advised other developers to GPG-sign their revisions made to the repository. GPG keys add an additional layer of security to GitHub accounts and software projects by delivering a way of verifying all revisions come from an authorized source. Following up on the report of the attack from Stephen, GitHub responded and cleaned most of the code hits.


Hungry for more information?

NFT Calendar from NFTHi

Check out the Latest NFT News!

For more interesting updates on NFTs, connect with NFTHI on Twitter and Instagram.

Join us on Telegram!


NFTHI does not recommend any kind of Investment in NFTs or NFT trading. All the strategies are merely educational references.

Conduct thorough research before you start with NFTs

Share This Post

Related Posts

FTX CEO Denies rumors of Huobi Acquisition

FTX CEO Sam Bankman-Fried said in a tweet on Monday...

Johnny Depp ETH NFTs Increase Following Actor’s Defamation Lawsuit

Since winning a slander battle against his ex-wife, Johnny...

X2Y2 NFT Marketplace Removes and Replaces Ryder Ripps’ NFT Collection 

The NFT marketplace X2Y2 has been involved in the...

Solana-based yield protocol suffers a $3.5 M in a Flash Loan attack

Nirvana Finance, a Solana-based Defi protocol, suffered a $3.5...

Breaking: Emirates Airline Plans to Launch NFTs 

According to a recent report, Dubai-based Emirates Airline aims...

Kevin Hart’s HARTBEAT to Introduce NFT & Web3 Wallet 

Kevin Hart and his entertainment business HARTBEAT announced on...
spot_img