LastPass is warning of an ongoing, widespread information stealer campaign that targets Apple macOS users through fake GitHub repositories distributing malware-laced programs disguised as legitimate tools.
Researchers Alex Cox, Mike Kosak, and Stephanie Schneider of the LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team said, “In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware.”
Beyond LastPass, some of the popular tools impersonated in the campaign include 1Password, Basecamp, Dropbox, Gemini, Hootsuite, Dharna, Obsidian, Robinhood, Salesloft, SentinelOne, Shopify, Thunderbird, and TweetDeck. All of the GitHub repositories are designed to target macOS systems.
The attacks involve the use of search engine optimization (SEO) poisoning to push links to the malicious GitHub sites to the top of search results on Bing and Google, which then instruct users to download the program by clicking the “LastPass” button.
“The GitHub pages appear to be created by multiple GitHub usernames,” LastPass said.
The GitHub pages are designed to redirect the user to another domain that provides ClickFix-style instructions to copy and execute a command in the Terminal app, resulting in the deployment of the Atomic Stealer malware.
It is worth noting that similar campaigns have previously used malicious sponsored Google ads for Homebrew to distribute a multi-stage dropper through a bogus GitHub repository. According to security researcher Dhiraj Mishra, the dropper can detect virtual machines or analysis environments and execute system commands to communicate with a remote server.
In recent weeks, threat actors have been seen using public GitHub repositories to host malicious payloads and distribute them through Amadey, as well as employing dangling commits tied to an official GitHub repository to redirect users to malicious programs.