CrowdStrike, in collaboration with Google and Shadowserver, has dismantled a botnet known as Glassworm, which targeted open-source software developers. Over the past two years, this network deployed malware through developer accounts and code distribution channels to steal passwords and compromise over 300 GitHub repositories. The attackers used methods such as publishing malicious plugins, purchasing search ads to lure downloads, and taking over developer accounts with stolen credentials.
The operation severed four command-and-control channels, including those using the Solana blockchain and BitTorrent network, reducing the attackers' ability to deploy additional malware. This action comes amid a rise in supply chain attacks on open-source projects, with recent incidents affecting developers and projects globally. The report also noted a similar attack in March linked to North Korean hackers, underscoring the increasing focus on developer accounts as prime targets.
CrowdStrike and Google Dismantle Developer-Targeting Botnet
Aviso legal: El contenido de Phemex News es únicamente informativo.No garantizamos la calidad, precisión ni integridad de la información procedente de artículos de terceros.El contenido de esta página no constituye asesoramiento financiero ni de inversión.Le recomendamos encarecidamente que realice su propia investigación y consulte con un asesor financiero cualificado antes de tomar cualquier decisión de inversión.