Kaspersky Warns of GitVenom Campaign Targeting Bitcoin Through Fake GitHub Code

A Kaspersky report highlights the risks associated with using GitHub for crypto-related projects. Key points include:

  • Malicious code is being inserted into fake projects through a campaign known as “GitVenom,” active for at least two years.
  • The attack begins with legitimate-looking GitHub projects, often involving Telegram bots or gaming tools.
  • In Python projects, attackers conceal harmful scripts amid excessive tabs; in JavaScript, they embed rogue functions to trigger attacks.
  • Once activated, malware can steal passwords, crypto wallet details, and browsing history, and may take control of devices.
  • One attack resulted in hackers stealing 5 BTC, valued at $485,000 in November.
  • Regions most affected include Russia, Brazil, and Turkey, but the threat is global.
  • Attackers adapt their methods to evade antivirus detection.

To mitigate risks, users should thoroughly review code, verify project legitimacy, and be cautious of overly polished documentation.
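As an aid to the code review recommended above, here is an added example (not code from the Kaspersky report or from any GitVenom repository) that flags Python source lines where content follows an excessive run of tabs or spaces, the concealment method described for Python projects. The thresholds, function names, and sample snippet are assumptions made for illustration.

```python
import re
import sys
from pathlib import Path

# Assumed thresholds, not taken from the report; tune them for your code base.
MIN_TABS = 20    # consecutive tab characters in a single whitespace run
MIN_WIDTH = 200  # approximate columns of whitespace (tabs counted as 8)

_RUN = re.compile(r"[ \t]{%d,}" % MIN_TABS)

def find_padded_code(text, tab_size=8):
    """Return (line_no, tab_count, hidden_text) for every line in which
    non-whitespace content follows an excessive whitespace run."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        for m in _RUN.finditer(line):
            run = m.group()
            tabs = run.count("\t")
            width = tabs * tab_size + run.count(" ")
            hidden = line[m.end():].strip()
            # Trailing whitespace alone is untidy but hides nothing.
            if hidden and (tabs >= MIN_TABS or width >= MIN_WIDTH):
                findings.append((line_no, tabs, hidden))
                break
    return findings

def scan_tree(root):
    """Scan every *.py file under root; return {path: findings}."""
    report = {}
    for path in Path(root).rglob("*.py"):
        hits = find_padded_code(path.read_text(errors="replace"))
        if hits:
            report[str(path)] = hits
    return report

# Constructed sample: a harmless placeholder call pushed off-screen by 60 tabs.
SAMPLE = (
    "import os\n"
    "def start_bot(token):\n"
    "    print('bot started')" + "\t" * 60 + "run_hidden_stage()\n"
    "    return token\n"
)

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, hits in scan_tree(target).items():
        for line_no, tabs, hidden in hits:
            print(f"{path}:{line_no}: {tabs} tabs before: {hidden[:80]}")
```

Run it against a cloned repository before executing anything from it; a hit is a reason to read that line in full with word wrap enabled, not proof of malice.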