#github-abuse

[ follow ]
#pystorerat #remote-access-trojan #rhadamanthys #astaroth #phishing #banking-trojan #latin-america
Information security
fromThe Hacker News
1 day ago

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Malicious actors use GitHub-hosted Python repositories to distribute a JavaScript-based RAT named PyStoreRAT that downloads and executes remote HTA payloads.
fromThe Hacker News
2 months ago

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

"Instead of relying solely on traditional command-and-control (C2) servers that can be taken down, these attackers are leveraging GitHub repositories to host malware configurations," McAfee Labs researchers Harshil Patel and Prabudh Chakravorty said in a report. "When law enforcement or security researchers shut down their C2 infrastructure, Astaroth simply pulls fresh configurations from GitHub and keeps running."
Information security
[ Load more ]