New malware campaign in GitHub, accounts spreading malware using MediaFire
Hello everyone,
There is a new malware campaign in GitHub where normal looking accounts are posting messages looking like this:
Download www.mediafire.com/file/DONOTCLICKMEORCOPY password: changeme In the installer menu, select "gcc."
I personally received 3 of these on the same issue but luckily GitHub takes action immediately and deletes the accounts when you report them.
3 comments
[ 25.4 ms ] story [ 1885 ms ] threadhttps://i.imgur.com/jJljJp8.png
They reply with the message to new issues, which makes their notification email look like a direct solution to the submitter's issue, so they'll probably catch out a lot of people...
https://socradar.io/malware-analysis-lummac2-stealer/