Thousands of GitHub repositories were copied, with the clones altered to include malware, a software engineer discovered today.
While cloning open source repositories is a common development practice, and is even encouraged among developers, this case involves threat actors creating copies of legitimate projects and tainting them with malicious code to target unsuspecting developers.
GitHub has purged most of the malicious repositories after receiving the engineer’s report.
BleepingComputer, like many others, observed that searching GitHub for this URL returned 35,000+ search results showing files containing the malicious URL.