GitHub users targeted by malware

Platform also recovers from major outage

Cybercriminals are taking advantage of GitHub’s reputation by distributing malware disguised as game hacks and cracked software, while the platform recently recovered from a major service outage that affected users worldwide.

Security researchers at McAfee have identified multiple malicious repositories on GitHub that trick users into downloading Lumma Stealer, an infostealing malware. These repositories falsely advertise hacks for popular games such as Apex Legends, Minecraft, Roblox and Call of Duty, as well as cracked versions of paid software, including Spotify Premium, FL Studio and Discord.

"These attack chains begin when users would search for Game Hacks, cracked software or tools related to Cryptocurrency on the internet, where they would eventually come across GitHub repositories or YouTube Videos leading to such GitHub repositories, offering such software," said McAfee’s research team.

The cybercriminals behind this operation continually update their repositories, replacing older versions as they are detected and removed. To appear legitimate, the repositories include fabricated distribution licences, screenshots and claims of an “advanced Anti-Ban system.”

Major outage causes disruption

GitHub on Thursday experienced a major outage that disrupted key services, including pull requests, issue tracking and repository access. The company reported that users faced timeouts and error messages due to a caching infrastructure failure.

"We are investigating reports of degraded availability for Issues and Pull Requests," GitHub stated in an incident report. "Users may experience timeouts in various GitHub services. We have identified an issue with our caching infrastructure and are working to mitigate the issue."

Thousands of users flagged the disruption on DownDetector, citing problems with server connections and GitHub Actions. The outage, which GitHub described as a “major incident”, follows a history of similar disruptions, including a global outage in February 2022 and repeated service failures in March 2022 and May 2023.