Follow us on telegram

News

Magazine

Currencies

AML

For users

Kaspersky Lab tell about fake projects on GitHub to steal cryptocurrencies

Hackers place malicious code to copy developers’ wallet data in files of supposedly legitimate projects

Kaspersky Lab tell about fake projects on GitHub to steal cryptocurrencies

26.02.2025 - 12:25

654

2 min

What’s new? According to a report from Kaspersky Lab, hackers are using GitHub to steal cryptocurrencies by creating fake software development projects and bots. The report warns users about the GitVenom campaign, which has been active for at least two years, which includes placing malicious code in individual projects on the popular platform among developers.

Material by CoinDesk

What else is known? The attack is carried out through the creation of fake projects in which hackers invite to join the development of Telegram-bots to manage bitcoin wallets or tools for computer games.

To create a semblance of legitimacy, such projects are accompanied by a README file, which can often be generated with the help of AI. In turn, the code of the supposedly real Python or JavaScript project itself is a Trojan virus.

If a developer downloads the malware, it launches a number of other exploit programs that collect passwords and crypto wallet data, as well as browsing history, combine them and send them to Telegram.

Remote access trojans such as AsyncRAT and Quasar take over the victim’s device, logging keystrokes, and taking screenshots.

Elliptic revealed details about the laundering of $1,46 billion stolen from Bybit

Elliptic revealed details about the laundering of $1,46 billion stolen from Bybit

Analysts called the incident the largest single theft in history

Read more

Clipper-type programs that work with the clipboard change copied wallet addresses to those of the hackers, redirecting funds. As the lab’s analysts found out, one such wallet in November allowed hackers to earn 5 BTC, which at the time was valued at $485 000.

According to experts, the GitVenom campaign hit users from Russia, Brazil, and Turkey the hardest, although it operates worldwide.

Users were urged to scrutinize any code before running it, checking the authenticity of the project and README files or inconsistent commit histories.

Researchers believe these attacks will continue in the near future.

Author:

Editorial GetBlock Magazine Editorial GetBlock Magazine

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy

Telegram Newsletter Twitter

Market
US congressman has offered to protect Trump’s executive order on the BTC reserve from possible repeal by his successors

To pass, the document must receive majority support in the House of Representatives and 60 votes in the Senate

Mar 14, 2025

Market
Telegram’s Wallet will offer a lucrative program for Toncoin holders

The update will gradually become available to users in March and April

Mar 13, 2025

Mining
Solo miner with a 480 GH/s device solved an entire block of Bitcoin blockchain and earned $263 000

Industry participants with such low-powered devices have extremely low chances of single block mining

Mar 12, 2025

Market
Spot trading volume on the leading crypto exchanges fell by 21% over the month

The figure fell from $2,4 trillion to $1,7 trillion

Mar 12, 2025

Incidents
Dark Storm hackers claim responsibility for the DDoS attack on X

On March 10, thousands of users were unable to access the platform

Mar 11, 2025

Market
Thailand’s SEC adds USDT and USDC to the list of approved cryptocurrencies

Previously, the list of approved cryptocurrencies only included BTC, ETH, XRP, and XLM

Mar 10, 2025

Cryptocurrency rates

  • Bitcoin

    Bitcoin

    $83 813

    BTC

    -0.59%

  • Ethereum

    Ethereum

    $1 919.35

    ETH

    +0.62%

  • Ripple

    Ripple

    $2.37

    XRP

    -1.16%

  • BNB Smart Chain

    BNB Smart Chain

    $579.4

    BSC

    +1.23%

  • Cardano

    Cardano

    $0.735011

    ADA

    -0.98%

  • Dogecoin

    Dogecoin

    $0.173721

    DOGE

    +1.14%

  • Stellar XLM

    Stellar XLM

    $0.272478

    XLM

    -1.46%

  • Litecoin

    Litecoin

    $91.41

    LTC

    +0.22%

  • Bitcoin Cash

    Bitcoin Cash

    $337.02

    BCH

    +2.58%

  • Polkadot

    Polkadot

    $4.31

    DOT

    +2.3%

News

Mar 15, 2025

BRICS countries will study the possibility of using blockchain in international settlements

Mar 14, 2025

US congressman has offered to protect Trump’s executive order on the BTC reserve from possible repeal by his successors

Mar 14, 2025

Court allows bankrupt fund Three Arrows Capital to increase its claims against FTX to $1,5 billion

Mar 14, 2025

Ethereum developers will launch the Hoodi testnet to test the Pectra upgrade

Mar 13, 2025

Telegram’s Wallet will offer a lucrative program for Toncoin holders

Mar 13, 2025

Turkey tightens regulations for crypto exchanges and custodians

Mar 13, 2025

The number of mentions of crypto projects in SEC filings has reached an all-time high

New in the knowledge base

Basics

Ripple and RLUSD: A new look at stablecoins

Feb 5, 2025

Basics

Monero: Behind the scenes of anonymity. How does the new generation cryptocurrency work?

Dec 18, 2024

Basics

PancakeSwap: How it works, features and ways to make money on the popular DEX exchange

Dec 12, 2024

Basics

Sei: the fastest Layer 1 blockchain ever

Nov 26, 2024

Basics

What is DePIN in cryptocurrencies?

Nov 6, 2024

GetBlock.net — your guide in the world of crypto

For all questions, please contact [email protected]