Techly NewsGet the app

Get the latest tech news

GitHub is under automated attack by millions of cloned repositories filled with malicious code.


Thanks to a combination of sophisticated methodology and social engineering, this particular attack seems to be very difficult to stop.

However, the site is currently undergoing an automated attack involving the cloning and creation of huge numbers of malicious code repositories, and while the developers have been working to remove the affected repos, a significant amount are said to survive, with more uploaded on a regular basis. An unknown attacker has managed to create and deploy an automated process that forks and clones existing repositories, adding its own malicious code which is concealed under seven layers of obfuscation (via Ars Technica). As things stand this method seems to have worked remarkably well, and while GitHub has yet to comment on the attack directly, it did issue a general statement reassuring its users that "We have teams dedicated to detecting, analyzing, and removing content and accounts that violate our Acceptable Use Policies.

Get the Android app

Or read this on r/technology

Read more on:

Photo of Millions

Millions

Photo of GitHub

GitHub

Photo of Malicious code

Malicious code

Related news:

News photo

MyHeritage debuts OldNews.com, offering access to millions of historical newspaper pages

News photo

Over 100,000 Infected Repos Found on GitHub

News photo

UnitedHealth hackers say they stole 'millions' of records, then delete statement

« Canadian Surpreme Court Rules Police Now Need a Warrant to Get a Person's IP
Byju’s Missing $533 Million Stuck in Unnamed Offshore Trust »