Help Net Security reports:
A financially motivated threat actor is impersonating hundreds of brands on GitHub and pushing a smash-and-grab infostealer masquerading as legitimate downloads of popular software, Arctic Wolf threat researchers have warned.
“The 292 impersonated repositories span security tooling, fintech and personal finance, cryptocurrency wallets and exchanges, developer and productivity tools, secure email providers, macOS utilities, and gaming software, including ‘cheat’ tools,” they said.
Among these repositories was one impersonating Arctic Wolf, which spurred the company to dig deeper and document the extent of the campaign.
Read more at Help Net Security.
