New Technique Detected in an Open Source Supply Chain Attack
released on 2024-04-10 @ 08:52:22 PM
A recent attack campaign was discovered in which threat actors manipulated GitHub search to boost the ranking of repositories containing hidden malware. The malware was concealed in Visual Studio project files and executed during build. The malware shared similarities with a cryptocurrency clipper and established persistence on Windows machines. Developers should watch for suspicious properties like high commit frequency and fake stargazers when using public code.
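Because the malware described above ran at build time from inside Visual Studio project files, one practical check is to list every command a project would execute before building it. The script below is an added example, not code from the original report: the sample project and its `echo` commands are constructed, and the elements it inspects are this example's selection of standard MSBuild command hooks.

```python
import xml.etree.ElementTree as ET
from pathlib import Path

# MSBuild elements whose content is run as a shell command during a build.
EVENT_TAGS = {"PreBuildEvent", "PreLinkEvent", "PostBuildEvent", "CustomBuildStep"}
PROJECT_SUFFIXES = {".csproj", ".vcxproj", ".vbproj", ".fsproj", ".props", ".targets"}

# Constructed sample project (harmless commands), for illustration only.
SAMPLE_VCXPROJ = """<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemDefinitionGroup>
    <PreBuildEvent><Command>echo constructed-prebuild</Command></PreBuildEvent>
  </ItemDefinitionGroup>
  <Target Name="AfterBuild"><Exec Command="echo constructed-exec" /></Target>
</Project>"""

def local(tag):
    """Drop the '{namespace}' prefix ElementTree puts on MSBuild tags."""
    return tag.rsplit("}", 1)[-1]

def find_build_commands(project_xml):
    """Return (element, command) pairs for everything the project runs at build."""
    findings = []
    for el in ET.fromstring(project_xml).iter():
        name = local(el.tag)
        if name == "Exec" and el.get("Command"):
            findings.append(("Exec", el.get("Command").strip()))
        elif name in EVENT_TAGS:
            # .csproj style keeps the command as element text,
            # .vcxproj style keeps it in a <Command> child.
            texts = [el.text or ""]
            texts += [c.text or "" for c in el if local(c.tag) == "Command"]
            findings.extend((name, t.strip()) for t in texts if t.strip())
    return findings

def scan_tree(root_dir):
    """Map each project file under root_dir to its build-time commands."""
    report = {}
    for path in sorted(Path(root_dir).rglob("*")):
        if not path.is_file() or path.suffix.lower() not in PROJECT_SUFFIXES:
            continue
        try:
            found = find_build_commands(path.read_bytes())
        except ET.ParseError as exc:  # unparseable project files need a manual look
            found = [("ParseError", str(exc))]
        if found:
            report[str(path)] = found
    return report

if __name__ == "__main__":
    for tag, cmd in find_build_commands(SAMPLE_VCXPROJ):
        print(f"{tag}: {cmd}")
```

Run `scan_tree` on a freshly cloned repository before opening it in Visual Studio, and read every reported command in full rather than only its first line.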