The research study<\/a> from Kaspersky describes fake project tactics used to steal crypto through deceptive software downloads.<\/span><\/p>\n GitHub is a leading platform for developers who wish to share and synchronize their coding efforts. Unfortunately, hackers are taking advantage of its open nature. Kaspersky analyst Georgy Kucherin explains that hackers create fake repositories under \u201cGitVenom<\/a>.\u201d These projects pose legitimate tools but steal crypto and personal data.<\/span><\/p>\n ???? ALERT: Hackers are making fake GitHub projects to steal crypto, according to Kaspersky.<\/p>\n The hackers of the malware campaign called GitVenom have created hundreds of repositories on GitHub hosting fake projects that contain remote access trojans (RATs), info-stealers and\u2026 pic.twitter.com\/NfZL6aWiKD<\/a><\/p>\n \u2014 Cointelegraph (@Cointelegraph) February 26, 2025<\/a><\/p>\n<\/blockquote>\n Some of the fake projects include:<\/span><\/p>\n Hackers use AI, fake updates, and inflated commits to make projects look legitimate. Once downloaded, the malware inside these projects activates. It steals data and scans for crypto wallet addresses, replacing them with hacker-controlled ones.<\/span><\/p>\n Once a victim downloads and installs the fake project, the malware copies sensitive data, including:<\/span><\/p>\n GitHub users, be careful!<\/p>\n GitVenom campaign uses fake projects to spread malware, stealing crypto and data. Verify repos before use: check code, READMEs, and commits; or stick to known, trusted repos.<\/p>\n See more here: https:\/\/t.co\/Dq19Wjb9Yo<\/a><\/p>\n \u2014 Cosmos Rescue (@cosmosrescue) February 26, 2025<\/a><\/p>\n<\/blockquote>\n<\/li>\n<\/ul>\n The stolen data gets to hackers through Telegram. A clipboard hijacker runs in the background, looking for crypto wallet addresses. If a user tries to copy and paste their wallet address, the malware swaps it with the hacker\u2019s address, redirecting funds to the attackers.<\/span><\/p>\n According to Kaspersky, the GitVenom campaign targets users worldwide. However, it focuses more on Russia, Brazil, and Turkey. The fact that hackers<\/a> have been running this scheme for at least two years suggests it has effectively tricked victims.<\/span><\/p>\n GitHub Malware Alert \u26a0\ufe0f<\/p>\n Our Global Research & Analysis Team (GReAT) uncovered GitVenom\u2014a stealthy, multi-stage #malware<\/a> campaign exploiting open-source code. Infected repositories targeted #gamers<\/a> and #crypto<\/a> investors, hijacking wallets and siphoning $485,000 in #Bitcoin<\/a>.<\/p>\n Get\u2026 pic.twitter.com\/Ol7X7b1mwQ<\/a><\/p>\n \u2014 Kaspersky (@kaspersky) February 25, 2025<\/a><\/p>\n<\/blockquote>\n![\"bitcoins](\"https:\/\/www.altcoinbuzz.io\/wp-content\/uploads\/2025\/02\/Web_Fake-GitHub-Projects-Used-to_Steal-Crypto-Kaspersky-Warns.jpg\" "\\"bitcoins")
<\/a><\/p>\nHackers are creating fake GitHub projects filled with malware to steal crypto. In November, at least one unlucky victim lost 5 bitcoins (worth around $442,000) after downloading a malicious project. Read on to learn more.<\/strong><\/h4>\n
How Hackers Are Using Fake GitHub Projects to Steal Crypto<\/strong><\/h5>\n
\n
\n
How the Malware Works<\/strong><\/h5>\n
\n
\n<\/span><\/span><\/p>\n\n
Who Is at Risk?<\/strong><\/h5>\n
\n
How to Stay Safe<\/strong><\/h5>\n