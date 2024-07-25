Malicious 'ghost' DaaS network spreading malware through GitHub

Social engineering and GitHub reputation key to effectiveness

Penny Horwood
clock • 2 min read
Shutterstock
Image:

Shutterstock

Threat actors known as 'Stargazer Goblin' have created a malware Distribution-as-a-Service (DaaS) from over 3,000 fake GitHub accounts

According to a report from Check Point Research, the malware delivery service is called Stargazers Ghost Network. It utilises GitHub repositories along with compromised WordPress sites and some nea...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
'Levelling up cybersecurity is a team effort,' says Jacob DePriest of GitHub

Open Source

'Levelling up cybersecurity is a team effort,' says Jacob DePriest of GitHub

But security starts with developers, and AI isn’t going to replace them

clock 09 May 2024 • 5 min read
NHS England reinstates open source Github page used to maintain central database of GP data

Health

NHS England reinstates open source Github page used to maintain central database of GP data

GP Connect page taken down, then reinstated, over 'inaccurate' patient record database claim

clock 19 March 2024 • 3 min read
Massive data leak exposes Chinese infosec vendor's cyberattacks-for-hire

Threats and Risks

Massive data leak exposes Chinese infosec vendor's cyberattacks-for-hire

Documents outline the use of hardware hacking devices, including a malicious power bank designed to surreptitiously upload data into victims' systems

clock 23 February 2024 • 3 min read
Penny Horwood
Author spotlight

Penny Horwood

Associate Editor focusing on diversity in tech and sustainability content.

View profile
More from Penny Horwood

IT Essentials: Investors are running out of patience with GenAI

Meta's 'pay or consent' model likely to be on borrowed time in EU

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Threats and Risks

Ransomware operators exploit simple flaw in VMware ESXi to launch attacks
Threats and Risks

Ransomware operators exploit simple flaw in VMware ESXi to launch attacks

Now-patched bug allowed attackers to circumvent Microsoft AD authentication checks

John Leonard
John Leonard
clock 30 July 2024 • 2 min read
French internet attacked during Olympics
Threats and Risks

French internet attacked during Olympics

Second major attack on French infrastructure in less than a week

Dev Kundaliya
clock 30 July 2024 • 2 min read
Russia-linked brute-force attacks trying to compromise European networks, report
Threats and Risks

Russia-linked brute-force attacks trying to compromise European networks, report

Threat actors are leveraging Microsoft Infrastructure to mask their activities

Dev Kundaliya
clock 29 July 2024 • 3 min read