Fake GitHub projects distribute stealers in GitVenom campaign | Securelist

The GitVenom campaign involves threat actors creating hundreds of fake GitHub repositories with malicious code disguised as useful projects. The malicious code, written in various programming languages, downloads further payloads like stealers, RAT implants, and a clipboard hijacker. These payloads target cryptocurrency wallets, stealing information and replacing wallet addresses to divert funds to attacker-controlled wallets.