HQ/EMEAFind out how we can help your business
One of the most prominent open-source software repositories, GitHub, has revealed new upgrades to assist its users, developers, researchers, and maintainers in securing the integrity of open-source projects.
The repository’s primary objective for the patches is to fortify the security of software supply chains by providing private vulnerability reporting and an npm package background.
These GitHub admins have executed these updates since numerous threat groups have flooded the npm open-source packaged repository with compromised packages. The malicious packages existed as the actors could generate them via automated scripts, and the traffic load resulted in a Denial-of-Service attack for a brief period. These DoS attacks have caused the platform to be unavailable for a while.
GitHub revealed that the open-source repositories attracted many actors since they could infect numerous targets easily.
Cybercriminal groups have recently abused open-source ecosystems, such as GitHub, to execute malicious campaigns, such as SEO poisoning, malware infection, and spam emails. In addition, the actors developed infectious websites and uploaded numerous npm modules with links that could redirect unknowing users to malicious websites.
These attacks also occurred at an unprecedented frequency, resulting in the instability of npm landscapes and irregular intervals. Experts believe these threats came from a cluster of threat actors that worked together, not separately.
Such campaigns aim to bait victims to visit their fake websites and prompt them to download the warez software. Subsequently, the malicious software will launch different malware strains, like SmokeLoader, RedLine, Glupteba, and cryptominers.
The campaign includes links that take the users to fake pages and lead them to legitimate e-commerce sites with referral IDs. These referral IDs will provide them profit whenever a victim accomplishes a purchase on the platform.
GitHub has provided a proper method to increase the transparency of its products to the users. The update will allow the user to know the origin of packages, impacting their decision as to whether they will download the modules.
Experts recommend that repository owners adopt anti-bot tactics while developing a user account. Lastly, users should always cross-check the legitimacy of the desired packages before employing their codes.
