CrowdStrike, in collaboration with Google and Shadowserver, has dismantled a botnet known as Glassworm, which targeted open-source software developers. Over the past two years, this network deployed malware through developer accounts and code distribution channels to steal passwords and compromise over 300 GitHub repositories. The attackers used methods such as publishing malicious plugins, purchasing search ads to lure downloads, and taking over developer accounts with stolen credentials.
The operation severed four command-and-control channels, including those using the Solana blockchain and BitTorrent network, reducing the attackers' ability to deploy additional malware. This action comes amid a rise in supply chain attacks on open-source projects, with recent incidents affecting developers and projects globally. The report also noted a similar attack in March linked to North Korean hackers, underscoring the increasing focus on developer accounts as prime targets.
CrowdStrike and Google Dismantle Developer-Targeting Botnet
Aviso Legal: O conteúdo disponibilizado no Phemex News é apenas para fins informativos. Não garantimos a qualidade, precisão ou integridade das informações provenientes de artigos de terceiros. Este conteúdo não constitui aconselhamento financeiro ou de investimento. Recomendamos fortemente que você realize suas próprias pesquisas e consulte um consultor financeiro qualificado antes de tomar decisões de investimento.