// Alert

GitHub threat report

// GitHubMEDIUM

A malware distribution campaign has weaponized fake GitHub accounts and repositories with inflated star counts to build social proof for a Rust-based cryptocurrency clipboard hijacker targeting traders and gamblers. The actors created bogus repositories, used Ghost Networks of fake accounts across multiple platforms, and coordinated AI-narrated YouTube videos and VirusTotal vote manipulation to distribute malicious 'trading tools' and 'crypto sniper bots' that swap victim wallet addresses for attacker-controlled ones. The campaign demonstrates sophisticated reputation spoofing tactics that could be repurposed for deploying more damaging payloads.

// Get alerts for GitHub