- McAfee researchers find a number of malicious GitHub repositories
- The repositories change every week, but always promise game cracks, hacks or free access to commercial software
- But instead of cracks, the victims are infected with Lumma Stealer
Cybercriminals are using GitHub to target children with infostealer malware, according to a new McAfee report, which says it has spotted a malicious campaign in progress on the popular code repository.
In an analysis, the researchers said they had observed numerous repositories pretending to be game hacks, cracks or free versions of otherwise commercial software. However, instead of providing these programs, the repositories actually hosted Lumma Stealer, a known infostealer malware.
“McAfee Labs has encountered several repositories, offering game hacks for the best-selling video games such as Apex Legends, Minecraft, Counter Strike 2.0, Roblox, Valorant, Fortnite, Call of Duty, GTA V and or offering cracked versions of popular software and services, such as Spotify Premium, FL Studio, Adobe Express, SketchUp Pro, Xbox Game Pass and Discord to name only a few,” said the researchers.
Deactivate AV
This “network of repositories”, as McAfee described it, changes its descriptions every week and creates new repositories, because the old ones are reported and deleted by GitHub. The payload, however, always remains the same.
“These repositories also include distribution licenses and software screenshots to improve their appearance of legitimacy,” concluded McAfee.
The descriptions also contain instructions on how to download and run the malware, and to deactivate all antivirus programs on the computer before running it. The attackers said that antivirus solutions flag these programs as false positives and that the detections can be disregarded.
McAfee says that this social engineering technique, combined with the trust that GitHub enjoys with its users, works well and that the campaign has infected many users. The researchers have not shared any numbers, but stressed that the targets are mainly on the younger side:
“Children are frequently targeted by such scams, because the authors of malware exploit their interest in game hacks by highlighting the functionalities and potential advantages, which makes it easier to infect more systems.”