Botnet Abuses GitHub Repositories to Spread Malware

Threat actors are using public GitHub repositories to host and distribute malware through the Amadey botnet. The campaign, observed in April, reveals how fake GitHub accounts were used to host malicious payloads, tools, and Amadey plug-ins. The use of GitHub poses challenges for enterprise defenders, especially in development environments where GitHub access is routine.