Cybercriminals distribute Monero miners through GitHub
Hackers adapt malware to services.
Zdnet, citing Avast's security research, argues that cybercriminals have found yet another way to distribute their malicious program for Monero mining by downloading the code of the miner in GitHub.
Hackers infect users' computers through GitHub
GitHub is the largest service for developing hosting projects, free for open source projects. Cybercriminals are being introduced into random projects, and hide malicious files in the directory structure of these new projects.
Users do not need to download malicious executable files directly from GitHub. Instead, the malicious program spreads through a phishing advertising campaign.
Researchers said that when a user visits a site that displays phishing ads and clicks on an ad, executable files are downloaded.
If a user clicks on one of these advertisements, they are informed that their Flash Player is obsolete and has a fake update, which, if downloaded, will infect them with malware.
Author: Evgenij Novožilov, Analyst Freedman Club Crypto News
Source: Read Full Article