26 February 2025
Kaspersky Warns of GitVenom Campaign Targeting Bitcoin Through Fake GitHub Code
A Kaspersky report highlights the risks associated with using GitHub for crypto-related projects. Key points include:
- Malicious code is being inserted into fake projects through a campaign known as “GitVenom,” active for at least two years.
- The attack begins with legitimate-looking GitHub projects, often involving Telegram bots or gaming tools.
- In Python projects, attackers conceal harmful scripts amid excessive tabs; in JavaScript, they embed rogue functions to trigger attacks.
- Once activated, malware can steal passwords, crypto wallet details, and browsing history, and may take control of devices.
- One attack resulted in hackers stealing 5 BTC, valued at $485,000 in November.
- Regions most affected include Russia, Brazil, and Turkey, but the threat is global.
- Attackers adapt their methods to evade antivirus detection.
To mitigate risks, users should thoroughly review code, verify project legitimacy, and be cautious of overly polished documentation.
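As an aid to the code review recommended above, the following sketch flags lines where a long run of tabs or spaces pushes code out of view, the Python concealment described in the key points. It is an added example, not code from Kaspersky's report; the function names, the 120-column threshold and the 8-column tab width are assumptions chosen for illustration.

```python
"""Flag source lines where code sits behind a long run of tabs or spaces."""
import re
from pathlib import Path

# Assumed threshold: a whitespace gap at least this wide pushes whatever
# follows it past the visible edge of most editors and diff views.
MAX_GAP_COLUMNS = 120
TAB_WIDTH = 8  # approximation: every tab is counted as a full 8 columns

# Any run of tabs/spaces that is followed by visible content on the same line.
_GAP = re.compile(r"[ \t]+(?=\S)")


def scan_source(text, max_gap=MAX_GAP_COLUMNS):
    """Return (line_no, gap_columns, hidden_text) for each suspicious line."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for match in _GAP.finditer(line):
            run = match.group()
            width = run.count("\t") * TAB_WIDTH + run.count(" ")
            if width >= max_gap:
                hidden = line[match.end():].strip()
                findings.append((line_no, width, hidden[:80]))
                break  # one finding per line is enough for a reviewer
    return findings


def scan_tree(root, suffixes=(".py",)):
    """Scan every matching file under root; returns {path: findings}."""
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix in suffixes:
            hits = scan_source(path.read_text(encoding="utf-8", errors="replace"))
            if hits:
                report[str(path)] = hits
    return report


# Constructed sample: a harmless print() stands in for the concealed statement.
SAMPLE = (
    "def start_bot(token):\n"
    "    return connect(token)" + "\t" * 40 + "print('hidden')\n"
    "    # ordinary indentation below is not flagged\n"
    "            value = 1\n"
)

if __name__ == "__main__":
    for line_no, width, hidden in scan_source(SAMPLE):
        print(f"sample:{line_no}: {width}-column gap before {hidden!r}")
```

Running `scan_tree` over a freshly cloned repository before executing anything from it gives a reviewer a short list of lines to open with word wrap or visible whitespace enabled.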