Clever 'GitHub Scanner' campaign abusing repos to push malware
hasecilu opened this issue · 3 comments
Caution
Basically I got a phishing email which apparently leads to Lumma Stealer information-stealing malware. The interesting thing is that they used the GitHub notification system to make it seem legit, <<< Issue #147 >>>.
Important
I think the users that are subscribed to the repo are also notified, so be careful, don't click suspicious links and don't copy-paste commands on the terminal.
Anyway, read the article attached below to know more about it.
Hey there!
We have detected a security vulnerability in your repository. Please contact us at h t t p s : / / github-scanner [dot] shop to get more information on how to fix this issue.
Best regards,
Github Security Team
News article: https://www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/
VirusTotal URL analysis: https://www.virustotal.com/gui/url/3413e5b9178cc96a7246ee2c9fc4e84756e4911a521a40c450c51bd8eafb89e2/detection
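A triage check for the lure reported above, as an added example that is not part of the original issue or of any GitHub tooling: it refangs obfuscated links, then flags text that uses the message's wording while linking to a host outside github.com. The names `TRUSTED`, `LURES`, `refang`, `is_trusted` and `triage`, and the one-entry trust list, are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: a genuine GitHub notice links only to github.com or its subdomains.
TRUSTED = ("github.com",)
# Wording taken from the message quoted in this issue.
LURES = ("security vulnerability in your repository", "github security team")
URL_RE = re.compile(r"https?://[^\s<>\"'()\[\]]+", re.I)

def refang(text):
    """Undo common defanging so obfuscated links can still be parsed."""
    text = re.sub(r"h\s*t\s*t\s*p\s*(s?)\s*:\s*/\s*/\s*", r"http\1://", text, flags=re.I)
    text = re.sub(r"hxxp", "http", text, flags=re.I)
    return re.sub(r"\s*[\[(]\s*(?:dot|\.)\s*[\])]\s*", ".", text, flags=re.I)

def is_trusted(host):
    """Exact or dot-boundary match; a substring test would accept lookalikes."""
    host = host.lower().rstrip(".")
    return any(host == t or host.endswith("." + t) for t in TRUSTED)

def triage(body):
    """Return (flagged, untrusted_hosts) for an issue body or notification e-mail."""
    clean = refang(body)
    hosts = set()
    for url in URL_RE.findall(clean):
        try:
            host = urlsplit(url.rstrip(".,;:!?")).hostname or ""
        except ValueError:  # malformed authority: nothing to resolve, skip it
            continue
        if host and not is_trusted(host):
            hosts.add(host)
    lure = any(p in clean.lower() for p in LURES)
    return (lure and bool(hosts)), sorted(hosts)

# The message quoted in this issue, with the link defanged as the reporter posted it.
PHISH = ("Hey there!\nWe have detected a security vulnerability in your repository. "
         "Please contact us at h t t p s : / / github-scanner [dot] shop to get more "
         "information on how to fix this issue.\nBest regards,\nGithub Security Team")
# Constructed benign text that uses the same wording but links only to github.com.
BENIGN = ("We have detected a security vulnerability in your repository, see "
          "https://github.com/example/repo/security for details.")

if __name__ == "__main__":
    for name, body in (("phish", PHISH), ("benign", BENIGN)):
        print(name, triage(body))
```

The dot-boundary comparison in `is_trusted` is the part that matters here: a check for the substring "github" would accept the lookalike host used in this campaign.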
Thanks for sharing.
I assume you deleted Issue 147? How did you do that? I remember some other spam in another repo and I could not delete it - but that is possibly because I'm too stupid :-D
Man, this issue is rampant across almost all public repos on GitHub.
> I assume you deleted Issue 147? How did you do that? I remember some other spam in another repo and I could not delete it - but that is possibly because I'm too stupid :-D
Actually not, it was probably GitHub; when I clicked the "view it on GitHub" link, the issue was gone.