Security researchers from Kaspersky recently discovered a dangerous malware campaign named GitVenom, which targets software developers through fake repositories on GitHub. If downloaded, the malware can steal the victim's cryptocurrency.

GitVenom: The Hidden Threat in Fake Repositories

🔹 #GitHub is an open-source code sharing platform where developers around the world can easily use and reuse code.
🔹 However, it has also become a target for cybercriminals, who exploit the platform to spread malware through fake projects.
🔹 According to Kaspersky's report, the attacking group has put a lot of effort into making the repositories look legitimate to deceive victims.

One specific case detected by Kaspersky was a Telegram bot project designed to manage Bitcoin wallets. But in reality, it contained malware that steals browsing history and cryptocurrency wallet data from the developer.

How GitVenom Malware Works to Steal Crypto

🔸 Clipboard Hijacking: The malware scans the victim's computer for cryptocurrency wallet addresses. When the victim copies a wallet address, it automatically replaces it with the attacker's wallet address.
🔸 Collecting personal information: The malware collects passwords, browsing history, and banking information, compresses the data, and sends it to the hacker via Telegram.
🔸 Withdraw money to the hacker's wallet: According to statistics from #Kaspersky, a wallet associated with GitVenom received 5 BTC (~$443,000 at the time).

The Global Threat of GitVenom

Security researchers warn that GitVenom has spread to many countries, with most victims located in Russia, Brazil, and Turkey.

🚨 This is not the first time developers have been attacked.
🔹 Last week, Microsoft Intelligence also discovered a new variant of XCSSET, malware that can steal cryptocurrency from devices running macOS.
🔹 This malware spreads through infected Xcode projects, affecting iOS/macOS developers.

How to Prevent GitVenom and Similar Threats

📌 Thoroughly check the source code before using:
✅ Do not download and run code from unknown repositories on GitHub.
✅ Always check the identity of the creator and the project's credibility.

📌 Protecting Cryptocurrency Assets:
✅ Always verify wallet addresses before sending money.
✅ Use hardware wallets or two-factor security measures to protect assets.

📌 Use Security Software:
✅ Install reliable anti-malware software.
✅ Regularly update operating systems and security software to prevent new threats.

Conclusion

GitVenom is one of the most dangerous malware distribution campaigns targeting software developers, aiming to steal cryptocurrency and personal information. With the rapid development of cryptocurrency and open-source platforms, protecting information and digital assets has become more important than ever.

💡 Always be vigilant when using open-source code and protect your assets from hacker threats! #anhbacong