news.volyx.in

I found 10k GitHub repositories distributing Trojan malware (orchidfiles.com)

987 points by theorchid · 24 days ago · 248 comments on HN

Article summary

The author discovered a large-scale malware distribution campaign on GitHub, where over 10,000 repositories were found to be distributing Trojan malware. These repositories were created by copying commits and contributors from other repositories, and then adding a link to a zip archive containing the malware. The author developed a script to find these repositories and reported them to GitHub, which has since started deleting them. The campaign's goal is believed to be spreading the virus and potentially stealing cryptocurrency.

Main themes

  • Malware distribution on GitHub
  • Open-source security
  • Repository cloning and spamming
  • GitHub's response to malware
  • Software auditing and trust

What commenters say

  • The idea that open-source software is inherently safer because its source code is open is not supported by reality, as many open-source projects are not thoroughly audited.
  • The presence of malware in open-source software does not necessarily mean that closed-source software is safer, as the risk of malware exists in both cases.
  • The fact that GitHub repositories can be easily cloned and modified to distribute malware highlights the need for better auditing and security measures on the platform.
  • The use of open-source software does not guarantee safety, and users should not assume that a project is secure simply because it is open-source.
  • The ability to audit open-source software is not the same as actually auditing it, and many open-source projects may contain malware or other security vulnerabilities.
  • The problem of malware distribution on GitHub is not unique to open-source software, but rather a result of the platform's openness and lack of curation.
  • The trust placed in open-source software can be misplaced, as the fact that a project is open-source does not necessarily mean that it has been thoroughly reviewed or audited.
  • The solution to the problem of malware distribution on GitHub requires a combination of better auditing, security measures, and user education.