Cybersecurity firm Kaspersky has uncovered a sophisticated malware campaign, “GitVenom,” in which hackers create fake GitHub repositories to distribute crypto-stealing malware. These repositories, designed to look like legitimate open-source projects, contain remote access trojans (RATs), credential stealers, and clipboard hijackers that can redirect cryptocurrency transactions.
According to Kaspersky analyst Georgy Kucherin, attackers go to great lengths to make their repositories appear authentic, using AI-generated documentation and artificially inflated commit histories. The malware harvests saved credentials, crypto wallet data, and browsing history, then transmits the stolen information to the attackers via Telegram.