"Threat Actors Abuse GitHub to Distribute Multiple Information Stealers"

A malicious campaign has used a legitimate GitHub profile to spread information-stealing malware. Russian-speaking threat actors have impersonated 1Password, Bartender 5, and other legitimate applications to distribute Atomic macOS Stealer (AMOS), Vidar, Lumma, and Octo malware. The malware operations shared command-and-control (C2) infrastructure, suggesting the use of a centralized setup in cross-platform attacks to increase efficiency. The article goes on to discuss Russian-speaking threat actors abusing a GitHub profile to distribute information stealers posing as legitimate software.

SecurityWeek reports "Threat Actors Abuse GitHub to Distribute Multiple Information Stealers"

Submitted by grigby1
