Security News > 2024 > January > So, are we going to talk about how GitHub is an absolute boon for malware, or nah?
In a report published on Thursday, security shop Recorded Future warns that GitHub's infrastructure is frequently abused by criminals to support and deliver malware.
GitHub domains are seldom blocked by corporate networks, making it a reliable hosting site for malware.
"Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security defenses and making upstream infrastructure tracking and actor attribution more difficult," the report says.
Open source body quits GitHub, urges you to do the same OpenAI, Microsoft, GitHub hit with lawsuit over Copilot Microsoft's AI investments skyrocketed in 2022 - and so did its water consumption GitHub's Copilot flies into its first open source copyright lawsuit.
The security outfit cites numerous examples in which GitHub has been used to stage or distribute malicious files, such as Qualys' January 2023 report on Excel spreadsheets used as bait to spread BitRAT, Morphisec Labs' June 2023 account of a phishing campaign that relied on a PowerShell script to fetch the GuLoader shellcode from a GitHub Pages site, and an August 2023 case found by security researcher 0xToxin that utilized a PowerShell script found on raw[.
"This challenge affects services across the industry," a GitHub spokesperson told The Register.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/01/12/github_malware_popularity/
Related news
- Malicious Visual Studio projects on GitHub push Keyzetsu malware (source)
- Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware (source)
- GitHub comments abused to push malware via Microsoft repo URLs (source)
- GitLab affected by GitHub-style CDN flaw allowing malware hosting (source)
- Using Legitimate GitHub URLs for Malware (source)