Report points out that GitHub is being exploited by cybercriminals as a hotbed for malware distribution



GitHub, a software development platform, is used by over 100 million developers at the time of writing. However, despite its popularity and practicality, it has been pointed out that GitHub is being used by cybercriminals to distribute malware.

Flying Under the Radar: Abusing GitHub for Malicious Infrastructure | Recorded Future
https://www.recordedfuture.com/flying-under-the-radar-abusing-github-malicious-infrastructure



Flying Under the Radar: Abusing GitHub for Malicious Infrastructure - cta-2024-0111.pdf
(PDF file)

https://go.recordedfuture.com/hubfs/reports/cta-2024-0111.pdf

Miscreants absolutely love using GitHub to sling malware • The Register
https://www.theregister.com/2024/01/12/github_malware_popularity/

In a report published on January 11, 2024, cybersecurity firm Recorded Future warns that 'GitHub is frequently exploited by cybercriminals to support and distribute malware.'

According to Recorded Future, 'GitHub domains are rarely blocked by corporate networks,' and 'GitHub doesn't require any additional fees, such as domain registration fees, and because of its name recognition, it's reliable, and creating a new account is easy.' For these reasons, cybercriminals use GitHub to distribute malware.

On the other hand, GitHub does not support PHP backends, which is limiting for cybercriminals who want to distribute PHP-based malware. Additionally, GitHub, one of the world's largest software development platforms, is believed to have a very strong security team, and its limits on file size and bandwidth restrict the resources available for malware attacks. There is a possibility that



Still, cybercriminals are believed to be using GitHub to deliver payloads, host dead-drop resolvers, run command and control, and exfiltrate data.

Furthermore, Recorded Future has published a breakdown of the GitHub services exploited in samples from March to November 2023, and it is reported that RAW files and Objects account for the majority.



Recorded Future says, 'Using GitHub's services for malicious infrastructure allows cybercriminals to slip malware into legitimate network traffic. In many cases, malware delivered through GitHub can break through security blocks and make it difficult to track upstream.'

In response to these types of malware, Recorded Future recommends that companies flag or block GitHub services that may be exploited. 'We need to take concrete defense strategies.'
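One way to act on the "flag" half of that recommendation, shown as an added example that is not taken from the Recorded Future report: classify proxy-log requests by GitHub service and flag those coming from hosts with no business need for GitHub. The hostname-to-service mapping, the log format, the IP addresses and the allowlist are all assumptions constructed for illustration.

```python
# Added example: flag GitHub content requests from hosts not expected to use
# GitHub. Log format, IP addresses and allowlist are constructed assumptions.
from collections import Counter
from urllib.parse import urlsplit

# Assumed mapping of hostnames to the service categories named in the article.
GITHUB_SERVICES = {
    "raw.githubusercontent.com": "raw",
    "objects.githubusercontent.com": "objects",
    "gist.githubusercontent.com": "gist",
    "github.com": "web",
    "api.github.com": "api",
}

# Hypothetical allowlist: hosts with a business need for GitHub.
DEVELOPER_HOSTS = {"10.0.1.15"}

# Constructed proxy log lines: "<timestamp> <client_ip> <method> <url>"
SAMPLE_LOG = """\
2024-01-11T09:00:01Z 10.0.1.15 GET https://raw.githubusercontent.com/example-org/tool/main/install.sh
2024-01-11T09:02:44Z 10.0.7.23 GET https://raw.githubusercontent.com/example-user/repo/main/update.bin
2024-01-11T09:02:51Z 10.0.7.23 GET https://objects.githubusercontent.com/example-release-asset
2024-01-11T09:05:10Z 10.0.7.23 GET https://www.example.com/index.html
2024-01-11T09:06:00Z 10.0.9.40 GET https://RAW.githubusercontent.com.lookalike.example/x
malformed line
"""

def classify(url):
    """Return the GitHub service for a URL, or None if it is not a GitHub host."""
    # Exact host match, so a lookalike domain that merely embeds the name is ignored.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return GITHUB_SERVICES.get(host)

def flag_requests(log_text, allowed=DEVELOPER_HOSTS):
    """Return (client_ip, service, url) for GitHub requests from non-allowlisted hosts."""
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed format
        _, client, _, url = parts
        service = classify(url)
        if service and client not in allowed:
            alerts.append((client, service, url))
    return alerts

def service_breakdown(alerts):
    """Count flagged requests per GitHub service."""
    return Counter(service for _, service, _ in alerts)
```

The allowlist is what keeps this usable in practice: developer workstations and build servers generate constant legitimate GitHub traffic, so the signal is GitHub content requests from hosts that never normally make them.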



In response to this report by Recorded Future, GitHub stated, 'The issue of GitHub being used to distribute malware could have an impact on services across the industry. We have teams dedicated to detecting, analyzing, and removing content, and we use machine learning to review and detect malicious content to help us evolve and adapt to malicious content. We encourage you to report abuse and spam.'

in Software, Security, Posted by log1r_ut