Kaspersky warns: Hackers use GitHub to forge code to steal Bitcoin

2025-02-26 14:44:08

Collection

ChainCatcher news, according to CoinDesk, Kaspersky has discovered that hackers are using GitHub for "GitVenom" attacks, which have been active for at least two years and are on the rise. Hackers create GitHub repositories disguised as legitimate projects, such as Telegram bots for managing Bitcoin wallets or computer game tools, but they hide malicious code within them.

Attackers use Python and JavaScript code to implant Trojan viruses, which steal passwords, encrypted wallet information, and hijack Bitcoin transaction addresses after infecting victims' devices. In November 2024, a developer lost over $400,000 in Bitcoin due to this attack. GitVenom primarily affects countries such as Russia, Brazil, and Turkey, and continues to spread globally.

Kaspersky advises developers to carefully review the authenticity of projects before running code, and to be wary of overly optimized README files and suspicious code commit histories.

(Source Link)

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.