Be warned GitHub users Hackers flood platform with malicious clones TechRadar Skip to main content TechRadar is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us. Be warned GitHub users Hackers flood platform with malicious clones By Sead Fadilpašić published 4 August 2022 Tens of thousands of Github repositories cloned and altered to carry malware (Image credit: Pixabay) Audio player loading… GitHub users are being targeted with malicious (opens in new tab) copies of legitimate repositories, a cybersecurity researcher recently uncovered. Preying on developers who are either short on time, reckless, or just overworked, someone has been copying official GitHub projects such as crypto, golang, python, js, bash, docker, k8s, giving them names similar to the original projects, and slightly altering them in a way that they contain malicious code. The cunning plan was first spotted by software developer Stephen Lacy, who after reviewing one open source project, noticed a malicious URL hidden within. A quick search through GitHub soon established that more than 35,000 repositories carried the same URL. Original repositories intact Another developer, James Tucker, further found the repositories were designed to siphon user environment variables, steal API keys, tokens, crypto keys, but also execute arbitrary code on affected endpoints (opens in new tab). This kind of information can be used in identity theft attacks or ransomware (opens in new tab) campaigns. GitHub has since removed the malicious repositories and issued a short statement via Twitter, saying: "GitHub is investigating the Tweet published Wed, Aug. 3, 2022. No repositories were compromised. Malicious code was posted to cloned repositories, not the repositories themselves. The clones were quarantined and there was no evident compromise of GitHub or maintainer accounts."Read more> GitHub in hot water over new AI coding assistant (opens in new tab) > GitHub is getting better at hunting down your dangerous code (opens in new tab) > Keep your traffic safe with the best firewalls around (opens in new tab) While the majority of malicious code changes were made in the last couple of months, with some found to be dating back seven years. GitHub is one of the biggest open source code repositories in the world, and as such, frequently targeted. Developers are advised to always be extra careful when pulling code from the platform, to pay attention to potential typosquats or repository copies, clones, or forks. One way to make sure they're looking at the legitimate code is to look for code commits signed with GPG keys of the project's authors, the publication concludes.These are the best antivirus (opens in new tab) solutions around Via: BleepingComputer (opens in new tab) Sead Fadilpašić Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he's written for numerous media outlets, including Al Jazeera Balkans. He's also held several modules on content writing for Represent Communications. See more Computing news Are you a pro? Subscribe to our newsletter Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Thank you for signing up to TechRadar. You will receive a verification email shortly. There was a problem. Please refresh the page and try again. MOST POPULARMOST SHARED1PC gamers are shunning high-end GPUs – spelling trouble for the Nvidia RTX 40902Samsung's smaller micro-LED 4K TV might finally be on the way to battle OLED3It looks like Fallout's spiritual successor is getting a PS5 remaster4A whole new breed of SSDs is about to break through5Nothing announces official launch date for new Ear (stick) AirPods alternatives 1Con le RTX 4000 ho capito che Nvidia ha perso la testa2Canon's next mirrorless camera could be too cheap for its own good3PC gamers are shunning high-end GPUs – spelling trouble for the Nvidia RTX 40904IT pros suffer from serious misconceptions about Microsoft 365 security5A whole new breed of SSDs is about to break through Technology Magazines (opens in new tab)● (opens in new tab)The best tech tutorials and in-depth reviewsFrom$12.99 (opens in new tab)View (opens in new tab)