Registration
 
All news
Top Stories
Editors' Picks
Crypto News
Financial News
Currencies
Market Voices
Billionaires
Companies
Regulators News
Dmytro Kharkov
Dmytro Kharkov

Hackers use Github for crypto crimes

Hackers use Github for crypto crimes
Gitvenom cyber attack exploits Github to steal cryptocurrency wallets.

​A sophisticated cyber campaign dubbed Gitvenom has been hijacking cryptocurrency wallets by embedding malicious code in seemingly legitimate open-source projects on Github, researchers report. 

Kaspersky Lab’s Georgy Kucherin and Joao Godinho have traced the operation, which involves hundreds of fraudulent repositories that mimic genuine software tools, ranging from Instagram automation instruments to Telegram bots for managing Bitcoin wallets and even hacking tools for video games like Valorant, reports Bitcoin News.

Deceptive Tactics and Diverse Payloads

The threat actors behind Gitvenom have employed advanced methods to make their repositories appear authentic. They use AI-generated README files, multiple tags, and artificially inflated commit histories to boost credibility. Depending on the programming language, the attackers conceal their payloads in different ways. 

For example, in Python repositories, malicious code is hidden behind long lines of whitespace followed by a script decryption command. In JavaScript projects, malware is embedded within a function that decodes and executes Base64-encoded scripts. In C, C++, and C# projects, hidden batch scripts are inserted into Visual Studio project files, ensuring that the malware executes during the build process.

Once the concealed scripts run, they download additional malicious components from attacker-controlled Github repositories. These components include a Node.js-based stealer that extracts sensitive data—such as credentials, cryptocurrency wallet information, and browsing history—sending the stolen data to attackers via Telegram. Additionally, open-source remote access tools like AsyncRAT and the Quasar backdoor are deployed, along with clipboard hijackers that replace copied crypto wallet addresses with attacker-controlled ones.

Global Impact and the Road Ahead

Active for at least two years, the Gitvenom campaign has been detected in regions including Russia, Brazil, and Turkey. Kaspersky researchers warn that as Github remains a crucial resource for millions of developers worldwide, threat actors will continue exploiting fake software projects as infection lures. 

“Before attempting to run such code or integrate it into an existing project, it is paramount to thoroughly check what actions it performs,” they cautioned. As the open-source ecosystem faces these escalating threats, heightened vigilance and improved code verification practices will be essential to safeguard digital assets and maintain trust in collaborative software development.

Recently we wrote, that stablecoin neobank Infini suffered a major setback on Monday when hackers drained 49.5 million USDC from its platform, according to on-chain data

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.

Editor's Picks for You

Crypto on the court: How NBA Finals became a showcase for Ledger
  • By Anastasiia Chabaniuk
  • 22 hours ago
Crypto on the court: How NBA Finals became a showcase for Ledger
Editors' Picks
How to build wealth from scratch in 3 practical steps
  • By Johnathan Maverick
  • Yesterday
How to build wealth from scratch in 3 practical steps
Editors' Picks
Kospi Index crash: Why South Korean market fell alongside AI stocks
  • By Eugene Komchuk
  • Yesterday
Kospi Index crash: Why South Korean market fell alongside AI stocks
Editors' Picks
All Editors' Top Picks

Latest Crypto News

House Ways and Means proposes digital asset tax update for U.S. market access
  • By Ashutosh Sureka
  • 4 hours ago
House Ways and Means proposes digital asset tax update for U.S. market access
Financial News
#Crypto #Cryptoreg #USA
House panel weighs crypto tax bills as bipartisan divide clouds legislative path
  • By Ciaran Ryan
  • 4 hours ago
House panel weighs crypto tax bills as bipartisan divide clouds legislative path
Crypto News
#Crypto #Cryptoreg #Legislation
U.S. House crypto tax bills face bipartisan scrutiny as committee review continues
  • By Ashutosh Sureka
  • 8 hours ago
U.S. House crypto tax bills face bipartisan scrutiny as committee review continues
Crypto News
#Crypto #Legislation
All Crypto News
  • Anastasiia Chabaniuk
  • 22 hours ago
Crypto on the court: How NBA Finals became a showcase for Ledger
  • Johnathan Maverick
  • Yesterday
How to build wealth from scratch in 3 practical steps
  • Eugene Komchuk
  • Yesterday
Kospi Index crash: Why South Korean market fell alongside AI stocks
  • Mira Kyivska
  • 07.06.2026
Bitcoin or Ferrari: Which investment is better?
  • Mira Kyivska
  • 06.06.2026
Strategy sells Bitcoin: Small sale tests market confidence
  • Elena Nikulina
  • 22 min ago
Stock markets show signs of cooling off despite AI interest, Jason Pizzino notes
  • Andrey Mastykin
  • 37 min ago
AI and war drive factory price gap in China, Christophe Barraud notes
  • Anastasiia Chabaniuk
  • 42 min ago
Matthew Klein: Kweichow Moutai market cap larger than peer but majority stake held by Guizhou province
  • Oleg Tkachenko
  • 57 min ago
U.S. startup valuations match Chinese tech giants, Joe Weisenthal notes
  • Hanna Syniavska
  • 1 hour ago
Dollar dominance in stablecoins could decline within 5 years, Dan Tapiero notes
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.
Top News
  • Igor Krasulya
  • 14 hours ago
SpaceX-Google pact fuels debate over IPO valuation
SpaceX-Google pact fuels debate over IPO valuation
  • Jose Antonio Gastelum
  • 18 hours ago
U.S. futures rise as AI IPO hopes lift tech sentiment
U.S. futures rise as AI IPO hopes lift tech sentiment
  • Olga Shendetskaya
  • 20 hours ago
Bond yields raise pressure on Fed as inflation risks persist
Bond yields raise pressure on Fed as inflation risks persist
  • Andrey Mastykin
  • 21 hours ago
BlackRock launches space ETF with fast IPO entry
BlackRock launches space ETF with fast IPO entry
  • Anastasiia Chabaniuk
  • 22 hours ago
Hormuz closure pushes Iraq and UAE to expand oil pipelines
Hormuz closure pushes Iraq and UAE to expand oil pipelines
Live News
  • Dmytro Kharkov
  • Now
IBM seeks fresh momentum after four-day losing streak
  • Anton Kharitonov
  • Now
Microsoft declines as market seeks returns on AI investments
  • Anton Kharitonov
  • Now
Apple declines after WWDC as investors expected more
  • Dmytro Kharkov
  • Now
Intel gains momentum as Google and Nvidia fuel foundry hopes
  • Anton Kharitonov
  • Now
Bitcoin remains under pressure amid record capital outflows
Who We Are
Business Solutions
For Users
TU News
Popular Sections
Disclosures
CONTACT US
Legal
We are in Social Media
© IAFT Ltd., 2010-2026 All rights to the website are owned by IAFT Ltd.,
Registration number - HE 336186
  • Risk disclosure:

    Information on the TradersUnion.com website is for informational purposes only and does not constitute any motive or suggestion to visitors to invest money. Moreover, we hereby warn you that trading on the Forex and CFD markets is always a high risk. According to the statistics, 75-89% of customers lose the funds invested and only 11-25% of traders earn a profit. Trading in futures and options carries substantial risk of loss and is not suitable for every investor.

    That is why you should only invest money that you are prepared — or can afford — to lose at such high risks. Tradersunion.com does not provide any financial services, including investment or financial advisory services. Also, the Traders Union is not a broker and does not get money for trading in the Forex or CFD markets. Our website only provides information on brokers and the markets and helps its users to select the best brokerage company based on detailed information and objective analysis of brokers.

  • Disclaimer:

    Traders Union (TradersUnion.com) shall not be liable for the consequences of trading decisions made by the Client and for the possible loss of his capital resulting from the use of this website and information published on it.

    Forex market, CFD and cryptocurrency trading involves high risks and is not suitable for everyone. Before investing money, you need to adequately assess the level of your expertise and be aware of the risks, particularly in the context of trading with leverage. The information on this website is not intended for distribution or use by any person in any country or jurisdiction, where such distribution or use would be in violation of the local law or regulation. Any payments by Traders Union (TradersUnion.com) to the users of our website shall be legally interpreted solely as an incentive on our part for the activity on the website in the form of a deduction of a part of the advertising income; they shall not be a subject of any claims of our users or our obligations, a subject of disputes, as well as cannot be considered in relation to the services provided to users by brokers, both in fact and in their completeness and volume. The administration of the website shall not be liable for the content of user comments and reviews about the companies and shall not verify whether the authors of the reviews are indeed real clients of a specific company. All reviews, both negative and positive are published on the website without verification of their reliability; only offensive reviews that call for violence or any kind of discrimination and also reviews published from one group of IP addresses are moderated and removed. The authors of the materials shall be fully liable for the accuracy, completeness and impartiality of any information in the articles and reviews, including in the context of their use or mention of any brand names or trademarks. All mentions of the names of companies and their brands in any materials on the website shall be made in the context of communication of socially important information to the people about their activities by independent journalists, who are the authors. All evaluations and indicators on the website express the subjective opinion of the authors of the reviews (articles) and shall not be viewed as accurate statements and be a subject of disputes and claims against Traders Union.

  • Disclosure of advertisers and revenues:

    All the services on the Tradersunion.com website are free for you to use. Our team spends thousands of hours per annum researching brokers and gathering information about them to help investors all over the world to choose reliable companies and to avoid fraudsters.

    Indeed, the curating, sourcing, and organization of this process requires substantial financial investment by Tradersunion.com, which the website earns in the form of advertising payments. There are two types of advertising services on the website — direct advertising or partner (broker) participation programs. However, no services purchased by our partners shall affect the recommendations on our website, or our opinions, or ratings. Our ratings are based on our objective rating criteria and methodology; and the results are always equally and fairly applied to each broker. The work of our content authors and research groups does not involve any interaction with our advertisers and they do not have access to data concerning the amount of advertising purchased. For over 10 years we consider our independence, absolute openness, and objectivity as our main priority. Please follow the links to each of our affiliated broker’s websites. This will help Tradersunion.com to continue to provide our services to you for free.

onepercentfortheplanet.org World Association of News Publishers https://gdpr.eu/ GDPR