逾3千個GitHub帳號遭駭客組織Stargazer Goblin濫用,作為散布惡意軟體的管道
支付動態 · 2024-07-29
資安業者Check Point揭露駭客組織Stargazer Goblin經營的惡意軟體散布網路,此網路由超過3千個「幽靈」GitHub帳號組織,但研究人員指出,GitHub僅是這些駭客濫用的其中一種平臺
不過,這些駭客並非將所有的GitHub帳號都拿來設置前述的惡意儲存庫,還有另外兩種類型的帳號,分別提供網釣範本當中的圖片,以及存放內含惡意程式的壓縮檔。而對方如此分工的目的,主要在於一旦有部分帳號被察覺惡意行為遭到停用,他們可以很快處理,而能大幅降低營運的負擔。
至於Stargazers Ghost的儲存庫網路被用來散布那些惡意程式?研究人員看到了RedLine、Lumma Stealer、Rhadamanthys、RisePro,以及Atlantida等多種惡意軟體。
研究人員根據他們掌握的情報,濫用GitHub只是這些駭客經營的惡意程式散布服務的一部分,他們很有可能還濫用其他平臺,而研究人員則是在其中一個聲稱提供「免費」版Adobe PhotoShop 2024的GitHub儲存庫裡,看到駭客分享的YouTube影片,印證這項推測。
值得留意的是,他們發現有些GitHub帳號並非這些駭客所有,在上述的儲存庫當中,研究人員看到帳號的所有者留言,抗議對方擅自使用他的帳號推送儲存庫的情況。
熱門文章
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
British gambling levy rates confirmed for each vertical
Regulation
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
Kazakhstan plans to penalise online casino promotions
Regulation
Indiana online casino bill stalls in House committee
Regulation
