Source URL: https://www.theregister.com/2025/02/26/infosec_bytes/
Source: The Register
Title: 200-plus impressively convincing GitHub repos are serving up malware
Feedly Summary: Plus: DOGE staff quit; LastPass PC, Mac gasp; and CISA warns Oracle and Adobe flaws under attack
Infosec bytes: Kaspersky says it has found more than 200 GitHub repos hosting fairly convincing-looking fake projects laced with malicious software.…
AI Summary and Description: Yes
Summary: Kaspersky’s discovery of over 200 GitHub repositories containing malicious software aimed at deceiving developers highlights a significant cybersecurity threat. Additionally, the concerns raised by staff at the US Digital Service regarding security lapses in government operations emphasize the challenges of maintaining security amidst organizational changes.
Detailed Description: The provided text reveals multiple significant cyber threats and operational security issues affecting developers and government entities.
– **Kaspersky’s Findings**:
  – **Malicious GitHub Repos**: Kaspersky identified more than 200 repositories with fake projects that appear authentic, complete with numerous commits and multi-language README files.
  – **Campaign Duration**: This malicious activity, dubbed ‘GitVenom’, has reportedly been operational for two years.
  – **Types of Malicious Software**: These repos include various types of malware, such as:
    – Information stealers and password theft tools.
    – Trojan malware.
    – Code aimed at hijacking cryptocurrency wallets.
  – **Financial Impact**: The attackers are believed to have stolen nearly $500,000 from victims.
  – **Remediation**: Kaspersky has provided hashes and indicators to help developers avoid these infected projects.
– **Concerns at the US Digital Service (USDS)**:
  – **Staff Resignations**: A significant number of employees have left the USDS due to fears that the new direction under the DOGE initiative threatens security and compromises sensitive data.
  – **Concerns of Security Risks**: Resigning staff cited actions such as:
    – Firing technical experts.
    – Mishandling sensitive information.
    – Creating risk by questioning political loyalty during interview processes.
  – **Demand for Accountability**: House Democrats have called for a briefing on how DOGE is handling federal system security due to identified vulnerabilities in public-facing web servers.
– **Software Vulnerabilities**:
  – **CISA Recommendations**: The Cybersecurity and Infrastructure Security Agency (CISA) has added two specific vulnerabilities to its list of actively exploited vulnerabilities, necessitating immediate corrective action by federal agencies.
These insights underline the ongoing challenges in cybersecurity, particularly regarding supply chain attacks aimed at developers and internal security lapses in government organizations. For security and compliance professionals, staying vigilant against such threats and ensuring robust governance practices are critical to mitigating risks in both private and public sectors.