Techly NewsGet the app

Get the latest tech news

Github scam investigation: Thousands of “mods” and “cracks” stealing data


While looking through the articles on a "social engineering" themed forum I discovered a relatively new scam scheme that shocked me. People create thousands of GitHub repositories with all sorts of things - from Roblox and Fortnite mods to "cracked" FL Studio and Photoshop. As soon as you download and

While looking through the articles on a "social engineering" themed forum I discovered a relatively new scam scheme that shocked me.People create thousands of GitHub repositories with all sorts of things - from Roblox and Fortnite mods to "cracked" FL Studio and Photoshop. This post is a very long and detailed step-by-step instruction for creating and spreading hundreds of malicious GitHub repos masked as almost anything "juicy": popular game mods, "free" cracked apps like Adobe Photoshop and FL Studio, and lots of other things. Some people ask for advice, others +rep the author, and some say that this is almost dead - "I used to get hundreds of logs with this a year ago, but now there are lots of script kiddies spoiling the results for all of us".One user links another guide on how to unpack the stolen Steam accounts and sell the inventory - guess that's a topic for another post.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of malware

malware

Photo of GitHub

GitHub

Photo of GitHub repos

GitHub repos

Related news:

News photo

Copilot exposes private GitHub pages, some removed by Microsoft

News photo

Thousands of exposed GitHub repos, now private, can still be accessed through Copilot

News photo

200-plus impressively convincing GitHub repos are serving up malware

« Why and How I use “Org Mode” for my writing and more (2022)
Boris Spassky: 1937–2025 »