A certain malware hijacks cryptocurrency wallets by embedding code in fake open-source projects on GitHub

ChainCatcher news, according to Bitcoin.com, a covert malware campaign is hijacking cryptocurrency wallets by embedding malicious code in fake open-source projects on Github, tricking developers into executing hidden payloads.

A cyber attack campaign named Gitvenom has been targeting Github users by embedding malicious code into seemingly legitimate open-source projects. Researchers Georgy Kucherin and Joao Godinho discovered this operation, where cybercriminals create fraudulent repositories that mimic real software tools. The method of embedding malicious code varies depending on the programming language used in the fake projects.